r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4944
Expires: Fri, 18 Nov 2022 10:02:05 GMT
Date: Fri, 18 Nov 2022 08:39:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: max-age=99601
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:41 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 12:19:42 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8614
Expires: Fri, 18 Nov 2022 11:03:15 GMT
Date: Fri, 18 Nov 2022 08:39:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 07:45:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3279
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KJdqUQToo0OJHG2eVNqj5q1IhbUoanvK5YX+4nO6n+WQq7oZ/CN07sVhHhR2+AamLNPC5RSeih4=
x-amz-request-id: ZRJ2SWX7REGX2FRR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 07:52:48 GMT
age: 2813
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.uib.agency/
50.87.153.183 301 Moved Permanently 0 B IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 08:39:41 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://uib.agency/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 07:44:49 GMT
cache-control: public,max-age=3600
age: 3293
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2835
Cache-Control: max-age=90868
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:42 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 09:54:10 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.114.252 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.114.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m7yWSr8uw2pA7Y1yxoxwrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ez7I/r9IEqRAG1iZk69riWlrSh4=
uib.agency/
50.87.153.183 200 OK 19 kB IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 9cd5cb4cdb2fc2db8cb06baf172e5e38
ce086770dfdb6a2b1be80fbbe72888c9f8baa368
f64c83ce3125469d5c199c456617c58bd9cb02b052d41fb8694500b93b9ee3fc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:42 GMT
Server: Apache
Link: <https://uib.agency/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uib.agency/wp-includes/css/classic-themes.min.css?ver=1
50.87.153.183 200 OK 189 B URL HTTP/1.1 uib.agency/wp-includes/css/classic-themes.min.css?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 02 Nov 2022 07:14:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=75
Content-Type: text/css
uib.agency/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0
50.87.153.183 200 OK 3.1 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17809), with no line terminators
Hash 97f3e7860b3e0d99f3c0327b0045363a
885af5049143e765b7fd0f3a0a860613b05d12d1
ff05d291dd422f8bee80e816eb1480c67fb3e0d6071bebd8f04c86de87a70080
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3086
Keep-Alive: timeout=5, max=75
Content-Type: text/css
uib.agency/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
50.87.153.183 200 OK 13 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Hash 506114e76608d2cb13e2ae2bcf067c7e
7ea05a51a05343a1b32e7c886add36971a788133
0b16be7c9d35f598d1cb5b6c9a42088aac3245180430e6583984f03b1ff16bd6
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13258
Keep-Alive: timeout=5, max=75
Content-Type: text/css
uib.agency/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
50.87.153.183 409 Conflict 83 B URL HTTP/1.1 uib.agency/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 409 Conflict
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fonts.googleapis.com/css?family=Oswald%3A200%2C300%2C400%2C600%2C700%2C800%7COpen+Sans%3A300%2C400%2C600%2C700%2C800&subset=latin%2Clatin-ext
142.250.74.10 200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Oswald%3A200%2C300%2C400%2C600%2C700%2C800%7COpen+Sans%3A300%2C400%2C600%2C700%2C800&subset=latin%2Clatin-ext
IP 142.250.74.10:0
Hash d3da9464165f218ea3df76a6b9ce95d0
29e0653bb5cefe9868b8b0a3ddb6796897313699
9c248b6ed1e339bce020c96f745c7084baa742bab1772ef2048b1e8e6deb8523
GET /css?family=Oswald%3A200%2C300%2C400%2C600%2C700%2C800%7COpen+Sans%3A300%2C400%2C600%2C700%2C800&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 08:39:43 GMT
date: Fri, 18 Nov 2022 08:39:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uib.agency/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
50.87.153.183 200 OK 7.1 kB URL HTTP/1.1 uib.agency/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 13 Nov 2022 19:12:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7112
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
50.87.153.183 200 OK 50 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 5804b0e0c7c88d6c00e4fd0cb5d7cd05
81a6abb3403b3852796051bf82f1cbc6411d45cb
e79c03ed91601cbe74b8fe9442ce25ec0348c03bfee0f0fe5612f164ce164bc1
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
uib.agency/wp-content/plugins/sina-extension-for-elementor/admin/assets/css/icofont.min.css?ver=3.4.4
50.87.153.183 200 OK 15 kB URL HTTP/1.1 uib.agency/wp-content/plugins/sina-extension-for-elementor/admin/assets/css/icofont.min.css?ver=3.4.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65354), with CRLF line terminators
Hash 3a410afdd90e35cf465f5618a60da711
a623969960c88e0705a194dea8d19a1d3345babc
08f3e67875bd329c2c48c16434cc7c71144d048ce4e96a9649b65ff2f1a22207
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sina-extension-for-elementor/admin/assets/css/icofont.min.css?ver=3.4.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 Nov 2022 19:15:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14957
Keep-Alive: timeout=5, max=75
Content-Type: text/css
uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/css/all.min.css?ver=6.1.1
50.87.153.183 200 OK 12 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/css/all.min.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56656)
Hash 343c45da71f9d25ca4cf1e89e44dce1d
55b838d2ea45e9c7a30072acf6f429850263e179
58f004b7dc171a0d7abf44edafc53ebcabd4b52d1e385fbf99814db246374b5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/fontawesome/css/all.min.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12311
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/themes/construction-light/assets/css/animate.css?ver=6.1.1
50.87.153.183 200 OK 9.1 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/css/animate.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 3366b6b9e28f6011e32287694fa05bb2
13c9c9cc10cd7898367093e2518dfb6f56b15fd4
97c38e72d5673c7896f1c038a0b9027fb0e9a84e56722bf3f21eafa084ddf84f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/css/animate.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9066
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/themes/construction-light/assets/library/bootstrap/css/bootstrap.min.css?ver=6.1.1
50.87.153.183 200 OK 35 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/bootstrap/css/bootstrap.min.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65324)
Hash 3b42bfa4f91fe5e2e03d216fc4c5335b
e0f383b017ebd7569df4beb55d7af7548634c73d
95baa9e47c6ec54c866aae22c1378efefe7712eb1cde6a24a9885d60bbeb3fd4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/bootstrap/css/bootstrap.min.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7911
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:39:43 GMT
Connection: keep-alive
uib.agency/wp-content/themes/construction-light/assets/css/responsive.css?ver=6.1.1
50.87.153.183 200 OK 3.0 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/css/responsive.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash eededf6ad92aaf33195583567c5da56c
e6708eb6b9d4db07cf4ee5bdb1a953dcf00729e2
f309d44f44672efc9ac4a17c1e5e0e61f3fc186a7755c457ab28463cf230bbd5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2973
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7911
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:39:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7911
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:39:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7911
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:39:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7911
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:39:43 GMT
Connection: keep-alive
stats.wp.com/e-202246.js
192.0.76.3 200 OK 12 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 4656100d6d89bf1eaf3e016d5be19408
b0e77545baa477e5932ede3068e0c165a475d619
dcfbc8ee2f81bd7a4d289dba8ec5baefd3983f033efe644bb056b9a13a28ad8e
GET /e-202246.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:43 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 05 Nov 2023 21:02:58 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
uib.agency/wp-content/themes/construction-light/assets/library/magnific-popup/magnefic.min.css?ver=6.1.1
50.87.153.183 200 OK 1.9 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/magnific-popup/magnefic.min.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5172), with CRLF line terminators
Hash 5e53d06ce06d21719dabe87f8b298aa1
658d73cb59a6d10bf9e11b7c690b5f8403417370
58872a7fc198b4f88a11b00eb823fe4195c2b9e6c01736cf3a4f4b0a0b5a55f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/magnific-popup/magnefic.min.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1922
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/themes/construction-light/assets/library/prettyphoto/css/prettyPhoto.css?ver=6.1.1
50.87.153.183 200 OK 5.6 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/prettyphoto/css/prettyPhoto.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash acbe58f6bdbfbad6d72e8c1812e595d7
b833ca03ace8e3e26935f559f12f3c053fae0d1b
91b6e97ff10c7f94d03aa738d7cdd7a749b908b864a1dcb140e64c4248bb7f5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/prettyphoto/css/prettyPhoto.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5646
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 292dc2edef978e128f70b96ee4b2b3e2
1530f860e2b54b7b382f59654db63eaed59c5f95
f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0biXrpW2TGcLKgAOqLdsgFkZ5lKewM0VFGeNTTrmHX7QEcuNzuwnvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:14:32 GMT
age: 37511
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba67d881-b66a-4d3d-a1fb-5b40b0fb4d73.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba67d881-b66a-4d3d-a1fb-5b40b0fb4d73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68f1108f39ac986b01f33d8eac79ba6b
c15c148b0dcfbe7c3b6e092cc43a432a7f6f4d82
0c54b6fcdc7e48c1cd524d2f17a3be086025a5e2442456e3a85319a9b7d7286c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba67d881-b66a-4d3d-a1fb-5b40b0fb4d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6212
x-amzn-requestid: 9152d3e0-b1bc-43ed-ae38-071a9e8bb0b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brs5xGOCoAMFSjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ea4-4e9fffa852f3f96e36d74db0;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:17:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MEBITIt7acjXZQ5B4mUVOqQc83x_zlceVBHfiegp80lpc1enmYphBA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 06:27:37 GMT
age: 7926
etag: "c15c148b0dcfbe7c3b6e092cc43a432a7f6f4d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5fb6d72b647aabea33ab4017f4a0847
ed93ac946111340a254b92f8ce27e8be93ae87e8
0782ed4ffaea8f9487461d5a9b0c241d30dfe057676753b24e180d0a94efad99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7045
x-amzn-requestid: e8dace8b-0cc8-4ea0-b47a-e42a66576f72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K3EuCIAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-71c191e462be52006858817b;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S0Sq8vuP-MbcuYVx_WFXTkmrY966mBTY1Qpowx_E_to1tDk1b8R-Bw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:11 GMT
age: 38852
etag: "ed93ac946111340a254b92f8ce27e8be93ae87e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6672a5b26995975d4c7a589daf121490
b48bffb7c716db7c05dc2e74ffbc49f89e7f4c24
8d23d01e100d958dc1ae0f8f3cd39c2bc40c19c75a560c4df5ba9ce1de247615
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: 989e9461-ddcc-4a41-8d88-d86dfa891899
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9UqERtoAMFUow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ea-40b5695c1a052c3a0bd03458;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j-FsOPbQyKGUzW06HOBWpRb-VIB6dSNf2Dja2ZwtbQaOFs6aJ7MXqw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:43 GMT
age: 38640
etag: "b48bffb7c716db7c05dc2e74ffbc49f89e7f4c24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZLWa-RphwZqiAmeqffmEE8Mmfsfs9ZYz0bmANBEc5Ru1--VKDL4Fsw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 15:59:54 GMT
age: 59989
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uib.agency/wp-content/plugins/sina-extension-for-elementor/assets/css/owl.carousel.min.css?ver=3.4.4
50.87.153.183 200 OK 1.1 kB URL HTTP/1.1 uib.agency/wp-content/plugins/sina-extension-for-elementor/assets/css/owl.carousel.min.css?ver=3.4.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3052), with CRLF line terminators
Hash f138edae6d24b77b2093699bff1ae4c5
c4f794ea1db4612247bc42af3fb7700be93c9d9c
50bdc4f10399727a31c167867f7a603436f7fa5b1e2bab89bf0c955e1308682e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sina-extension-for-elementor/assets/css/owl.carousel.min.css?ver=3.4.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 Nov 2022 19:15:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1098
Keep-Alive: timeout=5, max=75
Content-Type: text/css
uib.agency/wp-content/themes/construction-light/inc/mobile-menu/mobile-menu.css?ver=1
50.87.153.183 200 OK 1.6 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/inc/mobile-menu/mobile-menu.css?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a7b355fafc901bc400bf8a46971de985
a80700f5f5b33394bc7d1e0e3fc087e0b125f584
529f0a756a8ab93f1e0243209507bc298d9cd0773ba5a710e9ccec32ad38a575
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/inc/mobile-menu/mobile-menu.css?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1591
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/themes/insurance-lite/style.css?ver=6.1.1
50.87.153.183 200 OK 5.2 kB URL HTTP/1.1 uib.agency/wp-content/themes/insurance-lite/style.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (842), with CRLF line terminators
Hash 75cdce83fd68090986b8a051f040d184
a5070439718c652542aa9cf98992dd8175cc451e
ea329d12d58081bb6750d4e6a812cc2f1f23cb06c4ae71945f0dce472574f556
GET /wp-content/themes/insurance-lite/style.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 19:15:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5199
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/themes/construction-light/style.css?ver=1.0.3
50.87.153.183 200 OK 39 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/style.css?ver=1.0.3
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1443)
Hash 5494f2f60592eb0886731c074832f6ff
f790c080caf29400bfd9f2439a7b21877595c2b8
fe99a88181df5f00180cbca58dea7c600cc55d8b69b2c7a5cd2e9c25a6224a62
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/style.css?ver=1.0.3 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
uib.agency/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
50.87.153.183 200 OK 24 kB URL HTTP/1.1 uib.agency/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 7b13f42af549f07aa1f05656aa6fccd0
bb380ac1498c4a79020879693821448177b257d1
6e6851c82661c5a68956678e3fd1a0c11f4d298d8659898fe75d54bfbed4b8e6
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 19:20:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
uib.agency/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
50.87.153.183 200 OK 4.6 kB URL HTTP/1.1 uib.agency/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 19:36:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-includes/js/imagesloaded.min.js?ver=4.1.4
50.87.153.183 200 OK 2.1 kB URL HTTP/1.1 uib.agency/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Sun, 14 Jun 2020 04:23:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2103
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/js/wow.js?ver=1
50.87.153.183 200 OK 4.7 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/js/wow.js?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1afb4741d9494659540db4ea6b67c5ae
7c2f89feb4a480944dd1a5a1671d34be47d70926
38cb8c534d670149af14529ee6f40f883567c7a7243b7a6209e8f300eac7d373
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/js/wow.js?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4656
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets//library/waypoints/waypoints.min.js?ver=1
50.87.153.183 200 OK 3.1 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets//library/waypoints/waypoints.min.js?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 45fda2fdd11881e12211a82cf8fd012c
5e7cb001e83175dcbc6b52245d9b9f0fe68f1796
5816aaae9224136c044cadc2b769136375c2e74533e3ff6de07feb5e45605550
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets//library/waypoints/waypoints.min.js?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3137
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
50.87.153.183 200 OK 39 kB URL HTTP/1.1 uib.agency/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:43 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:14:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/library/counter/jquery.counterup.min.js?ver=1
50.87.153.183 200 OK 577 B URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/counter/jquery.counterup.min.js?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (917), with CRLF line terminators
Hash 0dd5217dcac58144556939cd15d820b8
d8d7cf7d6426e44861c912cfce5561e919284ea2
842b56cf5b97ee3fbaddb276e3be4e2c59a85514de5bcd39a8d09caad65e366a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/counter/jquery.counterup.min.js?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 577
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1
50.87.153.183 200 OK 1.9 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (5088)
Hash 0570d6677b3dcb385837369ce83f1369
073a8a375c1d6abbc60208d897d7490c6177a934
3397b345a0f8dc1ddf549a5702237eede0ed1d2ec413ef967a4912739cf26f9c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1909
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-includes/js/masonry.min.js?ver=4.2.2
50.87.153.183 200 OK 9.2 kB URL HTTP/1.1 uib.agency/wp-includes/js/masonry.min.js?ver=4.2.2
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23966)
Hash 2a730dafa34e6ff81513d31e486cdbdb
1fce17d256f67ae086d74092a03006997d9b0add
7a5fd36a453a3a7471fa93b8169579f9a98e2df7a262c44d28d3de41a0f7ae1c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 14 Jun 2020 04:23:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9216
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/js/jquery.countdown.js?ver=1.0.0
50.87.153.183 200 OK 1.2 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/js/jquery.countdown.js?ver=1.0.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f069000e63b11464ddfbd54d9d339def
a25b3b9f688566186cb96ab862b7bacd924d4dac
ada3aadc6d68ec4bad3c838cfdf404e290dec3132a9bf4295a695a6949bd5e58
GET /wp-content/themes/construction-light/assets/js/jquery.countdown.js?ver=1.0.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1212
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
50.87.153.183 200 OK 8.3 kB URL HTTP/1.1 uib.agency/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:14:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8344
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
50.87.153.183 200 OK 3.3 kB URL HTTP/1.1 uib.agency/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8632)
Hash e8af26f5a22eb62ad27874116cada315
214892e681c0f790cb83f73014ef0ef7978e66f7
72ef107cbc2423e7c13d9f309541fa393ed413458f9b054d099769d6bfa33422
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:14:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3297
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/js/construction-light.js?ver=1
50.87.153.183 200 OK 5.3 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/js/construction-light.js?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash e8575ac7b96a57e85ffc187a0067664b
dcc6526314a17ec2feaafc3896736f43b8c05f55
ed89ef5b8d951e68230fb17d97351ad0958e4b7d1f779a0e90d0007070443c44
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/js/construction-light.js?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5344
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/inc/mobile-menu/navigation.js?ver=1
50.87.153.183 200 OK 8.0 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/inc/mobile-menu/navigation.js?ver=1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8fbf5db18cd8436f30539cce47486957
1e1fdd0678dc00b6a6ea47852eb44d54c94a8288
2321d3e23937150e8887a693a94fbba42ce74dd79ef4d47a21479bf467935505
GET /wp-content/themes/construction-light/inc/mobile-menu/navigation.js?ver=1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8033
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
50.87.153.183 200 OK 5.3 kB URL HTTP/1.1 uib.agency/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 15:26:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/plugins/sina-extension-for-elementor/assets/css/sina-morphing.min.css?ver=3.4.4
50.87.153.183 200 OK 346 B URL HTTP/1.1 uib.agency/wp-content/plugins/sina-extension-for-elementor/assets/css/sina-morphing.min.css?ver=3.4.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1847), with no line terminators
Hash 9fee81132b3df359545cbc55108b60d5
bf61df5ddf9814808012b24e6a9d60fb15dfb7e2
7c5d2bd36ac31a6b45e2641b38ddf9884aaa271169aabec8206dd037c33351e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sina-extension-for-elementor/assets/css/sina-morphing.min.css?ver=3.4.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 19:15:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 346
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
50.87.153.183 200 OK 18 kB URL HTTP/1.1 uib.agency/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47826)
Hash 9415c9562591af7a582c29139621505f
0b12eecf36a48b871a3198550f4f65bb4a6d9b1b
06c70d3232c2ae3ed2aa259eb7a1beb329b654926813935fffa8902cd5ebaa4a
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 07:14:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
uib.agency/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
50.87.153.183 200 OK 3.2 kB URL HTTP/1.1 uib.agency/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11256), with no line terminators
Hash 1054d0d53548e8bae51665b11acc6413
2eea6a05fe18db61fff58c431d34a86b3e0b7ade
cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 30 Sep 2020 01:23:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3239
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
50.87.153.183 200 OK 1.3 kB URL HTTP/1.1 uib.agency/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4186), with no line terminators
Hash 91bab39b98d7e5c1632717b9ebe349e4
e639a447d06fc7827be5b5b35d603ff16b5f7bb1
47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sat, 08 Jun 2019 06:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1298
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
50.87.153.183 200 OK 3.0 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10435), with no line terminators
Hash a6099ee677b6d930b6b878cf0cb08422
a2eb69454196d4250d624d25aaec587e97686642
755acd6dc98e63baff6d8b105b1bcaf63b79f935381fb3f32a79dace7faae0ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2985
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
50.87.153.183 200 OK 369 B URL HTTP/1.1 uib.agency/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (685), with no line terminators
Hash accd80b294f42169b1e447e68bacfffe
40847092d82d78897a8219b270b22838fcc0bb95
35e8294d38f054cd6fbcdef72076443685888546d93b41a596e981a5e9a61552
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 19:20:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 369
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4013df591f6594a909a0ff844436f4a4
227e8f031e0f2d3c7af02ee446b241b11058bba4
2bc312d353f38b0f59a8f6e494b6a57a8af34d552a1ea3d0b19ab6255f3cf273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BC312D353F38B0F59A8F6E494B6A57A8AF34D552A1EA3D0B19AB6255F3CF273"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13126
Expires: Fri, 18 Nov 2022 12:18:30 GMT
Date: Fri, 18 Nov 2022 08:39:44 GMT
Connection: keep-alive
uib.agency/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
50.87.153.183 409 Conflict 83 B URL HTTP/1.1 uib.agency/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 409 Conflict
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uib.agency/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
50.87.153.183 409 Conflict 83 B URL HTTP/1.1 uib.agency/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 409 Conflict
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uib.agency/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
50.87.153.183 200 OK 3.9 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9111)
Hash a9d79ad492f5d209828cf75ff095edb0
b969ee59c642ce462a2cea6b487f2b1d57a8a18a
c362ad1758080d8a6214b29639dd88f082394a603d4afa9f12d8a037f55f94e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3949
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uib.agency/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
50.87.153.183 200 OK 1.2 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 1d43db37790e13f685a3c696579e3b2c
ecd7d8bcf06c069e2f296726649b6959608abfbe
4207a6e0849fcaec34e8b6de5931cf3158aca1121c232039654b4144aea9552e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1203
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
216.58.207.195 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uib.agency
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 21:14:39 GMT
expires: Tue, 14 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 300305
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uib.agency/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
50.87.153.183 200 OK 1.0 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1000
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/uib.agency/wp-content/uploads/2022/07/mother-daughter-beach.jpg?w=1280&ssl=1
192.0.77.2 200 OK 60 kB URL HTTP/2 i0.wp.com/uib.agency/wp-content/uploads/2022/07/mother-daughter-beach.jpg?w=1280&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x853, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 634563a1c51e45cb2f5d20821093c0fb
12e902b145f989554c58f5c74d2eee37950a0f1b
d0558c3dbb07ec03a900a36dc3f66f28fcb7d42623ee5c48b181a0fbb1fb59ad
GET /uib.agency/wp-content/uploads/2022/07/mother-daughter-beach.jpg?w=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:44 GMT
content-type: image/webp
content-length: 59686
last-modified: Fri, 18 Nov 2022 08:39:44 GMT
expires: Sun, 17 Nov 2024 20:39:44 GMT
cache-control: public, max-age=63115200
link: <https://uib.agency/wp-content/uploads/2022/07/mother-daughter-beach.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ed3a34c8ae642b60"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/uib.agency/wp-content/uploads/2022/07/about@2x.png?w=334&ssl=1
192.0.77.2 200 OK 110 kB URL HTTP/2 i0.wp.com/uib.agency/wp-content/uploads/2022/07/about@2x.png?w=334&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 110 kB (110248 bytes)
Hash 0c939a0a901dca6e19296916f41e9548
24d407cce2fd05838bd242063511e3b1e4ee8f9d
7ef958156d23f1a7694e5ef91ef1980f21e214dd93c343e88f3b8cfa7a390110
GET /uib.agency/wp-content/uploads/2022/07/about@2x.png?w=334&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:44 GMT
content-type: image/webp
content-length: 110248
last-modified: Thu, 17 Nov 2022 23:23:43 GMT
expires: Sun, 17 Nov 2024 11:23:43 GMT
cache-control: public, max-age=63115200
link: <https://uib.agency/wp-content/uploads/2022/07/about@2x.png>; rel="canonical"
x-content-type-options: nosniff
etag: "c06c231afed7c517"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
uib.agency/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
50.87.153.183 200 OK 792 B URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 792
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/uib.agency/wp-content/uploads/2022/07/doctor-filling-up-life-insurance-form.jpg?w=1280&ssl=1
192.0.77.2 200 OK 75 kB URL HTTP/2 i0.wp.com/uib.agency/wp-content/uploads/2022/07/doctor-filling-up-life-insurance-form.jpg?w=1280&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x788, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash abc43bdbb10ca93873ddd38279585bcb
31ef08366d0837f0f22052d2d0a4cbb6c3c1e4b5
5ace291905724ce145ea2944d53f9546b89279ae81474ed4a9faf41240190e43
GET /uib.agency/wp-content/uploads/2022/07/doctor-filling-up-life-insurance-form.jpg?w=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:44 GMT
content-type: image/webp
content-length: 74894
last-modified: Fri, 18 Nov 2022 08:39:44 GMT
expires: Sun, 17 Nov 2024 20:39:44 GMT
cache-control: public, max-age=63115200
link: <https://uib.agency/wp-content/uploads/2022/07/doctor-filling-up-life-insurance-form.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4448662ecd460164"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
uib.agency/wp-content/themes/construction-light/assets/js/odometer.js?ver=1.0.0
50.87.153.183 200 OK 6.9 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/js/odometer.js?ver=1.0.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (447)
Hash 9c2c33fbd915965b022c372c8c0d4062
504617ecf651c2cfce8511fef016042084702540
c9fc7c8beb85ef8375d5b89042fd5bf2070c5d42cd1ad840805bd875c54c4533
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/js/odometer.js?ver=1.0.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6888
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/library/bootstrap/js/bootstrap.min.js?ver=2.0.3
50.87.153.183 200 OK 22 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/bootstrap/js/bootstrap.min.js?ver=2.0.3
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56011)
Hash f2145752fcb2b9da121164cb143420ee
7d05ea5ba13b11e933f7eefccc0378b70b94d77b
0cee5fd70d5107d39d851c23a23420d07bfda6a4fbef2fa1cb8cfad2959a7609
GET /wp-content/themes/construction-light/assets/library/bootstrap/js/bootstrap.min.js?ver=2.0.3 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/library/owlcarousel/js/owl.carousel.min.js?ver=2.3.4
50.87.153.183 200 OK 16 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/owlcarousel/js/owl.carousel.min.js?ver=2.3.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31997)
Hash 8a2ba9702fb3cca3c84924959fff383d
ec7e32b952d84e211870dd0e9f1520582e3b4270
ebcdf76e9e513c320785d95cbfa122a4aaa6143fc8ea69a2ea0dedf0277828b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/owlcarousel/js/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15883
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/library/magnific-popup/magnific-popup.min.js?ver=1.1.0
50.87.153.183 200 OK 9.2 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/magnific-popup/magnific-popup.min.js?ver=1.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20099), with CRLF line terminators
Hash 5047e2f9eee662935c58d77fffb4b604
cd7df4d0a1dc0e1beea00657c66b8b310ba13b36
eda3d123931709053329e6da39966792dec964573cae1068b766f5f7ff4b0b61
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/magnific-popup/magnific-popup.min.js?ver=1.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9218
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
50.87.153.183 200 OK 1.1 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 09 Nov 2022 07:19:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1093
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/js/skip-link-focus-fix.js?ver=20151215
50.87.153.183 200 OK 417 B URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/js/skip-link-focus-fix.js?ver=20151215
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
GET /wp-content/themes/construction-light/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 417
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/library/prettyphoto/js/jquery.prettyPhoto.js?ver=3.1.6
50.87.153.183 200 OK 12 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/prettyphoto/js/jquery.prettyPhoto.js?ver=3.1.6
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (613)
Hash 7259cd251ce8404452c7426c0a494de5
0f97062b45836ed827c57f7093cb3fa972936c6b
3a1e08440c7edb084879ad1603817827f0e7d5a27c997775312f099e90683ada
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/prettyphoto/js/jquery.prettyPhoto.js?ver=3.1.6 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12173
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/insurance-lite/js/insurance-lite.js?ver=1.0.3
50.87.153.183 200 OK 974 B URL HTTP/1.1 uib.agency/wp-content/themes/insurance-lite/js/insurance-lite.js?ver=1.0.3
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash bf3efa15451e06a4598acd898d554e49
916c554c4699faee4bea1c3ec5d494b2f03bef9b
6f39af8aaf5fcbfd458e410ef3a914620476fa2512f1c8205e49d34aec5a319a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/insurance-lite/js/insurance-lite.js?ver=1.0.3 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 19:15:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 974
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.11.0
50.87.153.183 200 OK 1.0 kB URL HTTP/1.1 uib.agency/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.11.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2086), with no line terminators
Hash 0ce2a932eefe1cda0ad8599b273e1bb0
d4d97b79972d7aa6901f65356294180599acce1e
c6091eb670c7df18cc9b16300496e46b91611b0bdc92686625e6a45b9d130888
GET /wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.11.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2022 07:11:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1017
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
uib.agency/wp-content/themes/construction-light/assets/js/isotope.pkgd.js?ver=1.0.0
50.87.153.183 200 OK 39 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/js/isotope.pkgd.js?ver=1.0.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 45d99d1ca836b035119b0490194e2c1a
1634a81fd6a5eeb76fc9d1c5fac226092bc2d885
c5306d0881d4473785cd4f93e616c6493d294f42b4dc2a763aba08042300556e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/js/isotope.pkgd.js?ver=1.0.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
uib.agency/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
50.87.153.183 409 Conflict 83 B URL HTTP/1.1 uib.agency/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
Cookie: _omappvp=K7h4okNMkkfM1piOpIpBROPE7kzslWnQNgztXzKH0rClt5dOJ90zTcYFjmCiAB2dp02jqyoKukxYo3Zbd3F9ELy44aOZKPmi; _omappvs=1668760783107
HTTP/1.1 409 Conflict
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-regular-400.woff2
50.87.153.183 200 OK 14 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-regular-400.woff2
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 13584, version 330.32636\012- data
Hash f5f2566b93e89391da4db79462b8078b
be142af0f56062f6e864de121b98054c7b5954fd
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/css/all.min.css?ver=6.1.1
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Content-Length: 13584
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: font/woff2
uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-brands-400.woff2
50.87.153.183 200 OK 75 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-brands-400.woff2
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 75336, version 330.32636\012- data
Hash cccc9d29470e879e40eb70249d9a2705
5fe986cda635681b4b6bbd6111df2f26d7fca286
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/css/all.min.css?ver=6.1.1
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Content-Length: 75336
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: font/woff2
uib.agency/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
50.87.153.183 200 OK 1.3 kB URL HTTP/1.1 uib.agency/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7043), with no line terminators
Hash 23030da399d26bb36e2effda3c58d488
2480e4b14c65a29b6013515cea8a55a6646aa85a
026d41f0bbec9c4116e05c06d43d3bbae4e9ec0975f84140565760431eaa88d7
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 07:19:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1294
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
uib.agency/wp-content/uploads/2022/10/cropped-slider1@2x.jpeg
50.87.153.183 200 OK 39 kB URL HTTP/1.1 uib.agency/wp-content/uploads/2022/10/cropped-slider1@2x.jpeg
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1000x250, components 3\012- data
Hash 9a13d811cdb4e5bd37f739e6e67f400d
b84ac7b9263c0dfd42f04e8aba67186bcba526dc
64b1a0d515beb6ff57a493ca97890ddc7cc3fdbded81dbdc26379a4c6658cadc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/cropped-slider1@2x.jpeg HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 02:10:44 GMT
Accept-Ranges: bytes
Content-Length: 38635
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg
a.omappapi.com/app/js/5.cadaa863.min.js
194.242.11.186 200 OK 10 kB URL HTTP/2 a.omappapi.com/app/js/5.cadaa863.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (9420)
Hash 9eae570126d4e315794499c72643bd63
ef0c3d27217f3b1b342e5bd36daffd4b1cf3ef52
9671cbcbb56f111d91c58f618a22a1c34bcda92ada587263109cc00f41313dad
GET /app/js/5.cadaa863.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"4017efb268dbc129b41902e366e827e6"
last-modified: Tue, 15 Nov 2022 20:54:55 GMT
perma-cache: MISS
x-amz-id-2: eBOEEbQorZSFhXRE8/ZlZI0FjpfstF/OovNeiDm2la1b+/n4fpDu9Da1DzsLBRqMY2sCJQUsbms=
x-amz-request-id: 69TMBZT6YE7D1PRN
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/15/2022 20:55:04
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2cfc5aa5eb6923e3844bf4ac3617106e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-solid-900.woff2
50.87.153.183 200 OK 76 kB URL HTTP/1.1 uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-solid-900.woff2
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636\012- data
Hash 44d537ab79f921fde5a28b2c1636f397
b2879f9e1d0985a96842bf7f55a2b2cc4c636d04
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/construction-light/assets/library/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uib.agency/wp-content/themes/construction-light/assets/library/fontawesome/css/all.min.css?ver=6.1.1
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 19:15:00 GMT
Accept-Ranges: bytes
Content-Length: 75728
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: font/woff2
pixel.wp.com/g.gif?v=ext&blog=97881760&post=0&tz=0&srv=uib.agency&j=1%3A11.5.1&host=uib.agency&ref=&fcp=3328&rand=0.3505151166719852
192.0.76.3 200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&blog=97881760&post=0&tz=0&srv=uib.agency&j=1%3A11.5.1&host=uib.agency&ref=&fcp=3328&rand=0.3505151166719852
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=97881760&post=0&tz=0&srv=uib.agency&j=1%3A11.5.1&host=uib.agency&ref=&fcp=3328&rand=0.3505151166719852 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 18 Nov 2022 08:39:45 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
i0.wp.com/uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg?fit=32%2C32&ssl=1
192.0.77.2 200 OK 400 B URL HTTP/2 i0.wp.com/uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 947094d79f98e3f0dc41de9b1f9a580a
571f8d7af91bb993dc5af10ee55c1ea1fe80029b
1b161f47aec6dd413ea75bbb183bca4d3c5e01ae6ae6cfba07dfdf0fbd0d877f
GET /uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: image/webp
content-length: 400
last-modified: Fri, 18 Nov 2022 08:39:45 GMT
expires: Sun, 17 Nov 2024 20:39:45 GMT
cache-control: public, max-age=63115200
link: <https://uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "f744ff8873da99f4"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg?fit=192%2C192&ssl=1
192.0.77.2 200 OK 4.3 kB URL HTTP/2 i0.wp.com/uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg?fit=192%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 599f2609fd69931d1189122444dfdea5
f9533320e4f063bc9b720d8652d7fb9e7514134e
5add15ac72bc46a875e7e30c37fb42eccb5a12ea7de2ecb70aa287b13018575d
GET /uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: image/webp
content-length: 4284
last-modified: Fri, 18 Nov 2022 08:39:45 GMT
expires: Sun, 17 Nov 2024 20:39:45 GMT
cache-control: public, max-age=63115200
link: <https://uib.agency/wp-content/uploads/2022/07/cropped-slider3@2x.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "c3cce1db4ed4c3bb"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
demo.sparklewpthemes.com/constructionlight/insurance/wp-content/uploads/sites/49/2022/07/slider2@2x.jpeg
104.21.22.105 301 Moved Permanently 0 B URL HTTP/1.1 demo.sparklewpthemes.com/constructionlight/insurance/wp-content/uploads/sites/49/2022/07/slider2@2x.jpeg
IP 104.21.22.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /constructionlight/insurance/wp-content/uploads/sites/49/2022/07/slider2@2x.jpeg HTTP/1.1
Host: demo.sparklewpthemes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uib.agency/
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 08:39:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 09:39:45 GMT
Location: https://demo.sparklewpthemes.com/constructionlight/insurance/wp-content/uploads/sites/49/2022/07/slider2@2x.jpeg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ7Kl8rohQ%2B577WmN0eWuk%2BNPxdJf0bdj504bnROrrAuLvGieijFyQsgS0O%2FO9u13jRlQCefrPAlzvnpLCD3LsD2ejHQd0SzrU67FLicVy6uET22zFXj4k6S7M3CFr5j0NFK7l8yNpQd7b4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bf65be8ddbb527-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash a86355d19854e215456bce7e3fc6392e
802d2fba582996cded83c46b1e2295fa8ee6fbc4
2a0568cf803eb04cd312cc27daafe454b8ed5bfa39e6ff517f198bc4f5917e4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=108567
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:45 GMT
Etag: "637649e8-116"
Expires: Sat, 19 Nov 2022 14:49:12 GMT
Last-Modified: Thu, 17 Nov 2022 14:49:12 GMT
Server: nginx
Content-Length: 278
uib.agency/?wc-ajax=get_refreshed_fragments
50.87.153.183 200 OK 306 B URL HTTP/1.1 uib.agency/?wc-ajax=get_refreshed_fragments
IP 50.87.153.183:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (554), with no line terminators
Hash dc8e96fb0c60c4685f3a8fa86a2c9088
fc4719ca3dac88dfc3ba4891365bb22ebe995f77
00fc4f21960f3dbeb35814d8178b20322e23d01d760ef213f92a6bba362e5417
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: uib.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://uib.agency
Connection: keep-alive
Referer: http://uib.agency/
Cookie: _omappvp=K7h4okNMkkfM1piOpIpBROPE7kzslWnQNgztXzKH0rClt5dOJ90zTcYFjmCiAB2dp02jqyoKukxYo3Zbd3F9ELy44aOZKPmi; _omappvs=1668760783107; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:39:45 GMT
Server: Apache
Access-Control-Allow-Origin: http://uib.agency
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 306
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash a86355d19854e215456bce7e3fc6392e
802d2fba582996cded83c46b1e2295fa8ee6fbc4
2a0568cf803eb04cd312cc27daafe454b8ed5bfa39e6ff517f198bc4f5917e4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=108567
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:39:46 GMT
Etag: "637649e8-116"
Expires: Sat, 19 Nov 2022 14:49:13 GMT
Last-Modified: Thu, 17 Nov 2022 14:49:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278
a.omappapi.com/app/js/26.9d5adc06.min.js
194.242.11.186 200 OK 180 kB URL HTTP/2 a.omappapi.com/app/js/26.9d5adc06.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (2788)
Size 180 kB (179502 bytes)
Hash 0522480554d1201f4b37188bf389dacb
c3b01c8329a5b970e598d2946cae529544e34d25
95bbae023795766f917a285ffb98586d8eca88c5fb119cbaf37d06ec0f4d503c
GET /app/js/26.9d5adc06.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"da265e75ae4ae48843994ca20a167e59"
last-modified: Mon, 14 Nov 2022 18:32:56 GMT
perma-cache: MISS
x-amz-id-2: gtloRNSE328xSM21Y8eQrG6XqXR6+j8tl031+H8wSDI2FOaux3+/pWRs+EKegeDnMcOovgDKuFg=
x-amz-request-id: J1NV5HS491EZMCG8
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/14/2022 18:33:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 84716848585df88f23d08caff50bbe19
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/4.f2ffe9e7.min.js
194.242.11.186 200 OK 61 kB URL HTTP/2 a.omappapi.com/app/js/4.f2ffe9e7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (20291)
Hash 4fa7364593a79a3bbd574760a9a10798
abb0cac57a9e4e5b4a153d5e8269d29158a67621
7c80c8b38cfcafe96a04aff9c798b06c797ef83c751cfce1df2a37be230dbc24
GET /app/js/4.f2ffe9e7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"a5db76a7098cd882d7cc8b1ac89a04b0"
last-modified: Mon, 14 Nov 2022 18:32:56 GMT
perma-cache: MISS
x-amz-id-2: +xhN6dnNvMi81iLH684/pxon5dbBfCRQIleiMT39rmch08hqC86ncwL+i+NHLUb8w+ROfI2VWP8=
x-amz-request-id: 65TDY9W74ZS494XE
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/14/2022 18:33:06
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8eb50ccd712b1050ebd615c1937a2ac4
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 44c0170a7d9ce7beaac67074da16d9ba
6aaefe29ffa7873cba33b760ab2547c5ff608092
79a6848811edbf755b0d4f8e72e83fe74e33c7de59b078202f977ac91c06d948
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79A6848811EDBF755B0D4F8E72E83FE74E33C7DE59B078202F977AC91C06D948"
Last-Modified: Wed, 16 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8794
Expires: Fri, 18 Nov 2022 11:06:24 GMT
Date: Fri, 18 Nov 2022 08:39:50 GMT
Connection: keep-alive
z.omappapi.com/v3/i?aid=148458&cid=lkqzwsswaze81maym8jy&sid=61842a1a37bff&rt=false&dv=desktop&cty=slide&url=&v=5
178.128.135.232 204 No Content 0 B URL HTTP/1.1 z.omappapi.com/v3/i?aid=148458&cid=lkqzwsswaze81maym8jy&sid=61842a1a37bff&rt=false&dv=desktop&cty=slide&url=&v=5
IP 178.128.135.232:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/i?aid=148458&cid=lkqzwsswaze81maym8jy&sid=61842a1a37bff&rt=false&dv=desktop&cty=slide&url=&v=5 HTTP/1.1
Host: z.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://uib.agency
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 18 Nov 2022 08:39:50 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://uib.agency
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591858fd-bcb1-4a79-bff2-51b044b4fbb0.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591858fd-bcb1-4a79-bff2-51b044b4fbb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58e93b8944e96f1c5cd61caa7829ca96
c90e73a1a1ecf67e5e0bd374ae37d04caa3bb1c1
b38ee82e01744e77f69be21470d7a864a366a9c94c6c8dd9adf1877ad99199ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591858fd-bcb1-4a79-bff2-51b044b4fbb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8108
x-amzn-requestid: b0579a2a-5b57-40cb-9ab5-1ed1a58ca1fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MNGLUIAMFp7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa4d-6aeb306b0e99303639416188;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5nocBDggKFVpnZaJj3Mr3iRTKBMSk81Y7FUQ05QHhwTWr9BmrFdOuQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:51:56 GMT
age: 38874
etag: "c90e73a1a1ecf67e5e0bd374ae37d04caa3bb1c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.css
194.242.11.186 200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:44 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63751b22-464c"
last-modified: Wed, 16 Nov 2022 17:17:22 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 490
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/16/2022 17:18:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a89b41be84054ecb475000bcef4f874a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/0.81ef4a11.min.js
194.242.11.186 200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/0.81ef4a11.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/0.81ef4a11.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"bd640a339a9a349fe01b49f13b2699a0"
last-modified: Mon, 14 Nov 2022 18:32:56 GMT
perma-cache: MISS
x-amz-id-2: yX2PWTJ0vmBeLULlMjPYaOVAatjwjln6vqm4ms5ymAGKAH/dmdP4S6XIYZK1Z9BAbP/7+PqIe68=
x-amz-request-id: J1NMKG0EV8EST65X
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/14/2022 18:33:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 15fe235f72fb4f2afb150ab1e56cbbe6
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/s-202246.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /s-202246.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:39:43 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 13 Nov 2023 23:50:14 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/148458/lkqzwsswaze81maym8jy
54.230.111.48 200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/148458/lkqzwsswaze81maym8jy
IP 54.230.111.48:0
GET /v2/embed/148458/lkqzwsswaze81maym8jy HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://uib.agency
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 18 Nov 2022 08:39:44 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Fri, 18 Nov 2022 08:40:14 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Thu, 04 Nov 2021 20:08:05 GMT
etag: W/"cfd194946bc28713d0aaae5b931b5b2f"
x-optinmonster-campaign: lkqzwsswaze81maym8jy
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: MISS
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xuc95dFe8TlQstPk2-M1i5JfoZn0hSf0kimgXD0ekCv78GUzoPpqlg==
X-Firefox-Spdy: h2
a.omappapi.com/app/js/10.0f634e82.min.js
194.242.11.186 200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/10.0f634e82.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/10.0f634e82.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"e9f90b475163d5cd7a60c21d172b4241"
last-modified: Mon, 14 Nov 2022 18:32:56 GMT
perma-cache: MISS
x-amz-id-2: 3FDjSeo4/8PDnCo6GRJ+isc0pNWW6DePJeNSRFaib8I+7mzLLgf/DR2XEKuMtsnqcSYV+GByEZI=
x-amz-request-id: J1NG51RF917QSDV2
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/14/2022 18:33:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 434d355e32b2efecd4a9268971930167
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/16.53ab7a19.min.js
194.242.11.186 200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/16.53ab7a19.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/16.53ab7a19.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"c74f2ba4756b39ee78caba3e79d91793"
last-modified: Mon, 14 Nov 2022 18:32:56 GMT
perma-cache: MISS
x-amz-id-2: lLGLiQhIkwkyeKjELm5kFJ/khJO7OpaAfxI4iBxKUP1IFyFOcNv6uHdP8hGuvJhPfUvDmNmRB3U=
x-amz-request-id: J1NS3653SCWRWQXH
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/14/2022 18:33:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e59f80d0c1e993b17333be879ff00c4d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/1.12278d6a.min.js
194.242.11.186 200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/1.12278d6a.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/1.12278d6a.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:45 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"590c552a9ca45379a23c6081b5cb4898"
last-modified: Mon, 14 Nov 2022 18:32:56 GMT
perma-cache: MISS
x-amz-id-2: e1klb5oFfj2AaHUm9armHom8YCINfDCGJkRdkK72vnVFX078QXhlBldPaunu3DYg0y3SMULSg6o=
x-amz-request-id: J1NNBBZTFRAXB81Z
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/14/2022 18:33:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6af2328838c5070386bb13a0032723ae
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.js
194.242.11.186 200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/api.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uib.agency/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:39:44 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63751b21-13f0f"
last-modified: Wed, 16 Nov 2022 17:17:21 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 510
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/16/2022 17:18:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f237f202e5043d6f115e2d3173ecac02
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2