Overview

URL lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
IP209.182.204.66
ASNIMH-IAD
Location United States
Report completed2022-09-30 18:56:36 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-30 2 www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfm (...) Phishing
2022-09-30 2 www.lmbuildergroup.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Phishing
2022-09-30 2 www.lmbuildergroup.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11 Phishing
2022-09-30 2 www.lmbuildergroup.com/wp-content/cache/autoptimize/js/autoptimize_7375966c (...) Phishing
2022-09-30 2 www.lmbuildergroup.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (13)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 54.202.70.174
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-30 14:22:12 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 17:00:01 UTC 143.204.55.35
mnemonic passive DNS lmbuildergroup.com (2) 0 2016-11-06 14:14:09 UTC 2022-09-30 15:46:46 UTC 209.182.204.66 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-30 15:21:19 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-30 13:49:02 UTC 34.120.237.76
mnemonic passive DNS www.lmbuildergroup.com (9) 0 2019-05-28 19:50:56 UTC 2022-09-30 15:46:46 UTC 209.182.204.66 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-30 04:55:45 UTC 142.250.74.72
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 143.204.55.49
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-30 17:50:54 UTC 142.250.74.174


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 209.182.204.66

Date UQ / IDS / BL URL IP
2022-10-02 12:42:06 +0000
0 - 0 - 5 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-10-01 22:24:23 +0000
0 - 0 - 5 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 19:13:23 +0000
0 - 0 - 6 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 19:12:17 +0000
0 - 0 - 6 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 18:56:46 +0000
0 - 0 - 5 lmbuildergroup.com/wp-includes/taxon/app/logi (...) 209.182.204.66

Last 5 reports on ASN: IMH-IAD

Date UQ / IDS / BL URL IP
2022-12-05 23:30:06 +0000
0 - 0 - 2 amps-bahrain.com/nmn/draeger 198.46.90.148
2022-12-05 11:32:43 +0000
0 - 0 - 89 bigshottoken.io/wp-includes/css/lev/origajo.exe 173.231.216.188
2022-12-05 11:24:03 +0000
0 - 0 - 1 www.salwangurgaon.com/files/descargar-coin-ma (...) 69.174.115.195
2022-12-05 04:58:49 +0000
0 - 0 - 1 bfcghana.com/wpi/aeyon/csymber@slurpmail.net 173.231.243.188
2022-12-05 04:58:48 +0000
0 - 0 - 1 bfcghana.com/wpi/aeyon/ 173.231.243.188

Last 5 reports on domain: lmbuildergroup.com

Date UQ / IDS / BL URL IP
2022-10-02 12:42:06 +0000
0 - 0 - 5 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-10-01 22:24:23 +0000
0 - 0 - 5 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 19:13:23 +0000
0 - 0 - 6 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 19:12:17 +0000
0 - 0 - 6 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 18:56:46 +0000
0 - 0 - 5 lmbuildergroup.com/wp-includes/taxon/app/logi (...) 209.182.204.66

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-30 19:13:23 +0000
0 - 0 - 6 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 19:12:17 +0000
0 - 0 - 6 www.lmbuildergroup.com/wp-includes/taxon/app/ (...) 209.182.204.66
2022-09-30 18:56:46 +0000
0 - 0 - 5 lmbuildergroup.com/wp-includes/taxon/app/logi (...) 209.182.204.66
2022-09-30 18:56:13 +0000
0 - 0 - 5 lmbuildergroup.com/wp-includes/taxon/app/logi (...) 209.182.204.66
2022-09-30 18:28:18 +0000
0 - 0 - 6 lmbuildergroup.com/wp-includes/taxon/app/logi (...) 209.182.204.66


JavaScript

Executed Scripts (11)


Executed Evals (1)

#1 JavaScript::Eval (size: 8509, repeated: 1) - SHA256: bffafb30adf0c09bfbf909eaa779391296499123dc3d90e429056ec896b2ebb9

                                        /*!
 * Salvattore 1.0.5 by @rnmp and @ppold
 * https://github.com/rnmp/salvattore
 * Licensed under the MIT license.
 * Copyright (c) 2013-2014 Rolando Murillo and Giorgio Leveroni
 */

/*
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 */
! function(e, t) {
    "function" == typeof define && define.amd ? define([], t) : "object" == typeof exports ? module.exports = t() : e.salvattore = t()
}(this, function() { /*! matchMedia() polyfill - Test a CSS media type/query in JS. Authors & copyright (c) 2012: Scott Jehl, Paul Irish, Nicholas Zakas, David Knight. Dual MIT/BSD license */
    window.matchMedia || (window.matchMedia = function() {
            "use strict";
            var e = window.styleMedia || window.media;
            if (!e) {
                var t = document.createElement("style"),
                    n = document.getElementsByTagName("script")[0],
                    r = null;
                t.type = "text/css", t.id = "matchmediajs-test", n.parentNode.insertBefore(t, n), r = "getComputedStyle" in window && window.getComputedStyle(t, null) || t.currentStyle, e = {
                    matchMedium: function(e) {
                        var n = "@media " + e + "{ #matchmediajs-test { width: 1px; } }";
                        return t.styleSheet ? t.styleSheet.cssText = n : t.textContent = n, "1px" === r.width
                    }
                }
            }
            return function(t) {
                return {
                    matches: e.matchMedium(t || "all"),
                    media: t || "all"
                }
            }
        }()), /*! matchMedia() polyfill addListener/removeListener extension. Author & copyright (c) 2012: Scott Jehl. Dual MIT/BSD license */
        function() {
            "use strict";
            if (window.matchMedia && window.matchMedia("all").addListener) return !1;
            var e = window.matchMedia,
                t = e("only all").matches,
                n = !1,
                r = 0,
                a = [],
                i = function() {
                    clearTimeout(r), r = setTimeout(function() {
                        for (var t = 0, n = a.length; n > t; t++) {
                            var r = a[t].mql,
                                i = a[t].listeners || [],
                                o = e(r.media).matches;
                            if (o !== r.matches) {
                                r.matches = o;
                                for (var c = 0, l = i.length; l > c; c++) i[c].call(window, r)
                            }
                        }
                    }, 30)
                };
            window.matchMedia = function(r) {
                var o = e(r),
                    c = [],
                    l = 0;
                return o.addListener = function(e) {
                    t && (n || (n = !0, window.addEventListener("resize", i, !0)), 0 === l && (l = a.push({
                        mql: o,
                        listeners: c
                    })), c.push(e))
                }, o.removeListener = function(e) {
                    for (var t = 0, n = c.length; n > t; t++) c[t] === e && c.splice(t, 1)
                }, o
            }
        }(),
        function() {
            "use strict";
            for (var e = 0, t = ["ms", "moz", "webkit", "o"], n = 0; n < t.length && !window.requestAnimationFrame; ++n) window.requestAnimationFrame = window[t[n] + "RequestAnimationFrame"], window.cancelAnimationFrame = window[t[n] + "CancelAnimationFrame"] || window[t[n] + "CancelRequestAnimationFrame"];
            window.requestAnimationFrame || (window.requestAnimationFrame = function(t) {
                var n = (new Date).getTime(),
                    r = Math.max(0, 16 - (n - e)),
                    a = window.setTimeout(function() {
                        t(n + r)
                    }, r);
                return e = n + r, a
            }), window.cancelAnimationFrame || (window.cancelAnimationFrame = function(e) {
                clearTimeout(e)
            })
        }(), "function" != typeof window.CustomEvent && ! function() {
            "use strict";

            function e(e, t) {
                t = t || {
                    bubbles: !1,
                    cancelable: !1,
                    detail: void 0
                };
                var n = document.createEvent("CustomEvent");
                return n.initCustomEvent(e, t.bubbles, t.cancelable, t.detail), n
            }
            e.prototype = window.Event.prototype, window.CustomEvent = e
        }();
    var e = function(e, t) {
        "use strict";
        var n = {},
            r = [],
            a = [],
            i = [],
            o = function(e, t, n) {
                e.dataset ? e.dataset[t] = n : e.setAttribute("data-" + t, n)
            };
        return n.obtainGridSettings = function(t) {
            var n = e.getComputedStyle(t, ":before"),
                r = n.getPropertyValue("content").slice(1, -1),
                a = r.match(/^\s*(\d+)(?:\s?\.(.+))?\s*$/),
                i = 1,
                o = [];
            return a ? (i = a[1], o = a[2], o = o ? o.split(".") : ["column"]) : (a = r.match(/^\s*\.(.+)\s+(\d+)\s*$/), a && (o = a[1], i = a[2], i && (i = i.split(".")))), {
                numberOfColumns: i,
                columnClasses: o
            }
        }, n.addColumns = function(e, r) {
            for (var a, i = n.obtainGridSettings(e), c = i.numberOfColumns, l = i.columnClasses, s = new Array(+c), u = t.createDocumentFragment(), d = c; 0 !== d--;) a = "[data-columns] > *:nth-child(" + c + "n-" + d + ")", s.push(r.querySelectorAll(a));
            s.forEach(function(e) {
                var n = t.createElement("div"),
                    r = t.createDocumentFragment();
                n.className = l.join(" "), Array.prototype.forEach.call(e, function(e) {
                    r.appendChild(e)
                }), n.appendChild(r), u.appendChild(n)
            }), e.appendChild(u), o(e, "columns", c)
        }, n.removeColumns = function(n) {
            var r = t.createRange();
            r.selectNodeContents(n);
            var a = Array.prototype.filter.call(r.extractContents().childNodes, function(t) {
                    return t instanceof e.HTMLElement
                }),
                i = a.length,
                c = a[0].childNodes.length,
                l = new Array(c * i);
            Array.prototype.forEach.call(a, function(e, t) {
                Array.prototype.forEach.call(e.children, function(e, n) {
                    l[n * i + t] = e
                })
            });
            var s = t.createElement("div");
            return o(s, "columns", 0), l.filter(function(e) {
                return !!e
            }).forEach(function(e) {
                s.appendChild(e)
            }), s
        }, n.recreateColumns = function(t) {
            e.requestAnimationFrame(function() {
                n.addColumns(t, n.removeColumns(t));
                var e = new CustomEvent("columnsChange");
                t.dispatchEvent(e)
            })
        }, n.mediaQueryChange = function(e) {
            e.matches && Array.prototype.forEach.call(r, n.recreateColumns)
        }, n.getCSSRules = function(e) {
            var t;
            try {
                t = e.sheet.cssRules || e.sheet.rules
            } catch (n) {
                return []
            }
            return t || []
        }, n.getStylesheets = function() {
            return Array.prototype.concat.call(Array.prototype.slice.call(t.querySelectorAll("style[type='text/css']")), Array.prototype.slice.call(t.querySelectorAll("link[rel='stylesheet']")))
        }, n.mediaRuleHasColumnsSelector = function(e) {
            var t, n;
            try {
                t = e.length
            } catch (r) {
                t = 0
            }
            for (; t--;)
                if (n = e[t], n.selectorText && n.selectorText.match(/\[data-columns\](.*)::?before$/)) return !0;
            return !1
        }, n.scanMediaQueries = function() {
            var t = [];
            if (e.matchMedia) {
                n.getStylesheets().forEach(function(e) {
                    Array.prototype.forEach.call(n.getCSSRules(e), function(e) {
                        e.media && e.cssRules && n.mediaRuleHasColumnsSelector(e.cssRules) && t.push(e)
                    })
                });
                var r = a.filter(function(e) {
                    return -1 === t.indexOf(e)
                });
                i.filter(function(e) {
                    return -1 !== r.indexOf(e.rule)
                }).forEach(function(e) {
                    e.mql.removeListener(n.mediaQueryChange)
                }), i = i.filter(function(e) {
                    return -1 === r.indexOf(e.rule)
                }), t.filter(function(e) {
                    return -1 == a.indexOf(e)
                }).forEach(function(t) {
                    var r = e.matchMedia(t.media.mediaText);
                    r.addListener(n.mediaQueryChange), i.push({
                        rule: t,
                        mql: r
                    })
                }), a.length = 0, a = t
            }
        }, n.rescanMediaQueries = function() {
            n.scanMediaQueries(), Array.prototype.forEach.call(r, n.recreateColumns)
        }, n.nextElementColumnIndex = function(e, t) {
            var n, r, a, i = e.children,
                o = i.length,
                c = 0,
                l = 0;
            for (a = 0; o > a; a++) n = i[a], r = n.children.length + (t[a].children || t[a].childNodes).length, 0 === c && (c = r), c > r && (l = a, c = r);
            return l
        }, n.createFragmentsList = function(e) {
            for (var n = new Array(e), r = 0; r !== e;) n[r] = t.createDocumentFragment(), r++;
            return n
        }, n.appendElements = function(e, t) {
            var r = e.children,
                a = r.length,
                i = n.createFragmentsList(a);
            Array.prototype.forEach.call(t, function(t) {
                var r = n.nextElementColumnIndex(e, i);
                i[r].appendChild(t)
            }), Array.prototype.forEach.call(r, function(e, t) {
                e.appendChild(i[t])
            })
        }, n.prependElements = function(e, r) {
            var a = e.children,
                i = a.length,
                o = n.createFragmentsList(i),
                c = i - 1;
            r.forEach(function(e) {
                var t = o[c];
                t.insertBefore(e, t.firstChild), 0 === c ? c = i - 1 : c--
            }), Array.prototype.forEach.call(a, function(e, t) {
                e.insertBefore(o[t], e.firstChild)
            });
            for (var l = t.createDocumentFragment(), s = r.length % i; 0 !== s--;) l.appendChild(e.lastChild);
            e.insertBefore(l, e.firstChild)
        }, n.registerGrid = function(a) {
            if ("none" !== e.getComputedStyle(a).display) {
                var i = t.createRange();
                i.selectNodeContents(a);
                var c = t.createElement("div");
                c.appendChild(i.extractContents()), o(c, "columns", 0), n.addColumns(a, c), r.push(a)
            }
        }, n.init = function() {
            var e = t.createElement("style");
            e.innerHTML = "[data-columns]::before{visibility:hidden;position:absolute;font-size:1px;}", t.head.appendChild(e);
            var r = t.querySelectorAll("[data-columns]");
            Array.prototype.forEach.call(r, n.registerGrid), n.scanMediaQueries()
        }, n.init(), {
            appendElements: n.appendElements,
            prependElements: n.prependElements,
            registerGrid: n.registerGrid,
            recreateColumns: n.recreateColumns,
            rescanMediaQueries: n.rescanMediaQueries,
            append_elements: n.appendElements,
            prepend_elements: n.prependElements,
            register_grid: n.registerGrid,
            recreate_columns: n.recreateColumns,
            rescan_media_queries: n.rescanMediaQueries
        }
    }(window, window.document);
    return e
});
                                    

Executed Writes (0)



HTTP Transactions (37)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 18:16:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: viL_pO8gKAilL7oJNqyvYz1sLWyf7YhhsfmkbPUGZ_EkZfGKGOMBiA==
Age: 2416


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15412
Expires: Fri, 30 Sep 2022 23:13:17 GMT
Date: Fri, 30 Sep 2022 18:56:25 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z0SATnLY3l0awWyDK7lvg5QkTEiZz8hkfm2aQPMFXNdeFdktBOmyXw==
age: 48478
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 30 Sep 2022 18:56:25 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 18:54:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -aoLsbyEGZDFBl8y_F7kzOBQBLCWh-hs9qpXkMC-LMIacJPvslvxgw==
Age: 1612


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za== HTTP/1.1 
Host: lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         209.182.204.66
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 30 Sep 2022 18:56:25 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4553
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:56:26 GMT
Last-Modified: Fri, 30 Sep 2022 17:40:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +1miCT0PueTqaEZt+uFrJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.202.70.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zOCZRMxSrE0ksl779qNz8QD5+Ok=

                                        
                                            GET /wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za== HTTP/1.1 
Host: lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         209.182.204.66
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 30 Sep 2022 18:56:26 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9492
Expires: Fri, 30 Sep 2022 21:34:39 GMT
Date: Fri, 30 Sep 2022 18:56:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9492
Expires: Fri, 30 Sep 2022 21:34:39 GMT
Date: Fri, 30 Sep 2022 18:56:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9492
Expires: Fri, 30 Sep 2022 21:34:39 GMT
Date: Fri, 30 Sep 2022 18:56:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9492
Expires: Fri, 30 Sep 2022 21:34:39 GMT
Date: Fri, 30 Sep 2022 18:56:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9492
Expires: Fri, 30 Sep 2022 21:34:39 GMT
Date: Fri, 30 Sep 2022 18:56:27 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 76272
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10380
Md5:    139a144f8cb04ac8aae65f4bad1473e7
Sha1:   265840b2d2fc6eb764cc6409b05deee8d77a19c2
Sha256: 6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 06:34:26 GMT
age: 44521
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8059
Md5:    d21d2bdcedbd619a80017054076319f9
Sha1:   86dd3bf133e9eddf8852f39e1ee695ee599ac886
Sha256: fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: op_2CSOAx9-hqXvj1nOyitq0UXqIyItmquWjMkmMdKWnwoTIA_SA6A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:26 GMT
age: 76261
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5106
Md5:    13a12db696bc2bf6a6ea2f48f4c1428e
Sha1:   3481dce8ab711111fc8863d88bee1a887cfd43ac
Sha256: 6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 23:45:42 GMT
age: 69045
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7810
Md5:    456968f691ae9464d69a37bffe9bd7ce
Sha1:   31b8538deb0f00d5b4182739a4a2fcc1b956a998
Sha256: 5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QKHN1asEv6w1mTLxsmn7Oj5AZTsPcg0H8zv5_qQ1BYptjL254kCZdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:20:36 GMT
age: 74151
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16011
Md5:    1389b1d624b44706c7a6f6b7eb769241
Sha1:   78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
Sha256: c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6722
x-amzn-requestid: 6aca2e04-02b4-4e42-8bba-9bbe2ace1ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPeLrGq1oAMFuAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633610b0-65b0664d0233107029ef0157;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DClqs8vTlqibRwXU8dIkkFCUxigTLduturaxCfuvsMtDm-4VXjx2mg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:12:16 GMT
age: 74651
etag: "3248ca3a8b88efd5be8499898fce957d096cf211"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6722
Md5:    5b8d0a19bc0a56bb40a975c5c71af05a
Sha1:   3248ca3a8b88efd5be8499898fce957d096cf211
Sha256: da44d6dd845dc400b0b76f19c67e5a79d9359ce24fe5e4490477f195b23203b4
                                        
                                            GET /wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za== HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         209.182.204.66
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 30 Sep 2022 18:56:27 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.lmbuildergroup.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8760)
Size:   13122
Md5:    ccaca8e0b6442328d7f976f3fc17ed57
Sha1:   00ba05fb167e223ee157c83b90988740b2e92ab7
Sha256: f7572b609bacf75cb1af23959165c2e29fcb005d898ef3f1a1405e50d1f14e3b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-116607120-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 18:56:29 GMT
expires: Fri, 30 Sep 2022 18:56:29 GMT
cache-control: private, max-age=900
last-modified: Fri, 30 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42379
Md5:    c64bf607a4c5494a21298ee7106726c0
Sha1:   281c24dd417511763adbb390062a9c7560c74af2
Sha256: ff84a7d01b5b20f71b9807562543485f0084a3a392dc0473cddce4710aa1b66a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/cache/autoptimize/css/autoptimize_a164d6ff8d064ee3a1cda64339b5c0b4.css HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Thu, 29 Sep 2022 16:42:47 GMT
Accept-Ranges: bytes
Cache-Control: max-age=30672000, public, immutable
Expires: Wed, 20 Sep 2023 18:56:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (28088)
Size:   88871
Md5:    0d029504ce302c4ff24d9ecb6e1776a4
Sha1:   9ed24ef500754eb546f8cdd69d584bbd590bf86f
Sha256: 2e11b9ab14d09e07baf7a0a72e2028de1043c26bb48103decfd5740af5b58fe2
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=5.4.11 HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 19:28:31 GMT
Accept-Ranges: bytes
Content-Length: 47564
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (47529)
Size:   47564
Md5:    d54a4192cc3e4d54677c8091c1dae73b
Sha1:   7e3e8e30c66c5751bb5477b4e9939969f4e2aa5e
Sha256: de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 19:28:34 GMT
Accept-Ranges: bytes
Content-Length: 96873
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   96873
Md5:    49edccea2e7ba985cadc9ba0531cbed1
Sha1:   f8747f8ee704d9af31d0950015e01d3f9635b070
Sha256: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.11 HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 19:28:34 GMT
Accept-Ranges: bytes
Content-Length: 13884
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (10927)
Size:   13884
Md5:    c8d5a4cd14632bc2bdf15b5e45ca9d4d
Sha1:   cdf210b710c2792eda450a1a11e5dc1f8dae8594
Sha256: 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2018/03/better-lm-green-logo.png HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 19:28:28 GMT
Accept-Ranges: bytes
Content-Length: 6140
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 226 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   6140
Md5:    b68de645c5c163d1e73bab753f072978
Sha1:   9453fe1f54adb5c7f4ce3cc91604c1066af69488
Sha256: 4ced3cb11efb0b4b032f9c542e7e1ef9707cabf0dc6c9dbe7c8802f5d144f3b1
                                        
                                            GET /wp-content/cache/autoptimize/js/autoptimize_7375966cf84834690f537b65ca50c980.js HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Thu, 29 Sep 2022 14:30:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=30672000, public, immutable
Expires: Wed, 20 Sep 2023 18:56:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (21034)
Size:   119108
Md5:    c653c1f4d7cba8bd3da5311446ee9041
Sha1:   3ef8b78b648f72d03551197e7e258c7f59f55605
Sha256: cba7a80f531f2572c5e2f43fe99a06d724fb06d13ba89e342b7c83337177d77d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/Divi/core/admin/fonts/modules.ttf HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-content/cache/autoptimize/css/autoptimize_a164d6ff8d064ee3a1cda64339b5c0b4.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: font/ttf
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 19:28:17 GMT
Accept-Ranges: bytes
Content-Length: 92400
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Size:   92400
Md5:    de27b3e66b2f8017e000aa9d8d24d60e
Sha1:   e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
Sha256: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 30 Sep 2022 18:41:09 GMT
expires: Fri, 30 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 920
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST /j/collect?v=1&_v=j97&a=1009543237&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lmbuildergroup.com%2Fwp-includes%2Ftaxon%2Fapp%2Flogin.php%3Fmty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za%3D%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20L%20%26%20M%20Construction&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1177469556&gjid=1821810666&cid=922471470.1664564187&tid=UA-116607120-1&_gid=561940776.1664564187&_r=1&gtm=2ou9s0&z=247353600 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.lmbuildergroup.com
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.lmbuildergroup.com
date: Fri, 30 Sep 2022 18:56:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /wp-content/uploads/2018/03/lm-favicon-green.png HTTP/1.1 
Host: www.lmbuildergroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/wp-includes/taxon/app/login.php?mty2nduymdc2ntjkmmfmntuxmzbintuyzwe2nty2m2yxodk5ztm0ztm5mtm3otk4n2y3otrin2y1ytvizgyzmdm2zmi3mdllowu1owzioge0za==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         209.182.204.66
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 30 Sep 2022 18:56:29 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 19:28:27 GMT
Accept-Ranges: bytes
Content-Length: 56043
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   56043
Md5:    344cbf8a3c66a814e10ad4256dc4a75f
Sha1:   90ad12f007101ec322e02e287a05e16f45970df9
Sha256: 45538c1d67f04fbe8e115e6f2d565097ad5387961e068e64874432bce87f2e38
                                        
                                            GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Content:regular,700|Roboto+Condensed:300,300italic,regular,italic,700,700italic&subset=latin,latin-ext&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lmbuildergroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 Sep 2022 18:56:29 GMT
date: Fri, 30 Sep 2022 18:56:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---