firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 37pqQj4Zt9YfxjCpxrsJPPmyTfZiyT0-ZTx6s5SAs3zuuAhfw8bVog==
Age: 2152
marathonbuilding.com/
69.167.168.176301 Moved Permanently 237 B IP 69.167.168.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 54a95fff13e2ebb59c5156547ab4131d
d28bd8a82b12460bc2026a90cb0317b9b62eca8a
20b0d0d2e0940ce5fbec3f6527d83defc644c92ddf07b68c248a997c6c7651aa
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 09:22:55 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Location: https://marathonbuilding.com/
Content-Length: 237
Keep-Alive: timeout=3, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3428
Expires: Tue, 04 Oct 2022 10:20:04 GMT
Date: Tue, 04 Oct 2022 09:22:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 74134730f642b6f6dfeca3ecc61a329e
668914cc93cceb123d199a45df13ad764704fa84
d681a4c2e20a6019c7e2d980cbfa77b34db9356899099296c3b8b4263ca5fb5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D681A4C2E20A6019C7E2D980CBFA77B34DB9356899099296C3B8B4263CA5FB5F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3230
Expires: Tue, 04 Oct 2022 10:16:46 GMT
Date: Tue, 04 Oct 2022 09:22:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X+uusCwAlQvrHp5MQ/ITFFSoCTkTEeVmX4qDW+oZWfuruvv53Vr5lPBFgZ+oe0pVgqACNts16qs=
x-amz-request-id: 3NVAT9664DDNAJ92
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 08:51:14 GMT
age: 1902
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 09:22:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 08:29:33 GMT
Expires: Tue, 04 Oct 2022 09:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B7mW9O8THo3voL-1QfJVQAY8GIY7wgGF0Kmki42je93ltWRr3UvcoA==
Age: 3204
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 215
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:57 GMT
Last-Modified: Tue, 04 Oct 2022 09:19:22 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.92.18101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.92.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kT46A/qP6OZyzlUtEbFU5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b6YAwrBSyLmin4Q1dySsbcW8VxQ=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marathonbuilding.com/
69.167.168.176200 OK 63 kB IP 69.167.168.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 3145632d97025897578d645e81279f72
8beb5f064ad4d4dca2d3db3f93db3f3cc53b4c68
d7d4d2b2bbcfdb226fa23333ba08ecbdafff169e7f3e7c6a7ae5c5e3062ea4c6
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:56 GMT
Server: Apache
Link: <https://marathonbuilding.com/wp-json/>; rel="https://api.w.org/", <https://marathonbuilding.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json", <https://marathonbuilding.com/>; rel=shortlink
Content-Security-Policy: upgrade-insecure-requests;
Keep-Alive: timeout=3, max=200
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5
69.167.168.176200 OK 59 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5
IP 69.167.168.176:0
File type ASCII text, with very long lines (59119)
Hash ecd507b3125edc4d2a03aa6ae5d07da9
a57ee68d11601b0fd8e5037fc241ff65a754473c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:30:38 GMT
Accept-Ranges: bytes
Content-Length: 59305
Keep-Alive: timeout=3, max=199
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2
69.167.168.176200 OK 13 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2
IP 69.167.168.176:0
File type Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196\012- data
Hash b91d376b8d7646d671cd820950d5f7f1
13517529affa39e2585c591acae6dc336b6aa917
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:30:38 GMT
Accept-Ranges: bytes
Content-Length: 13224
Keep-Alive: timeout=3, max=200
Connection: Keep-Alive
Content-Type: font/woff2
marathonbuilding.com/wp-content/uploads/bb-plugin/cache/12-layout.css?ver=303761e9411141ab402e013c7f8359ae
69.167.168.176200 OK 101 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/cache/12-layout.css?ver=303761e9411141ab402e013c7f8359ae
IP 69.167.168.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 101 kB (100687 bytes)
Hash 303761e9411141ab402e013c7f8359ae
e7e551a20a51bf622e489f46c081a7f5cfb711f0
eebbfb4f0faa4d71ee35285af9b801d22c08fd4b57bfa60aa12e047074da5b58
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/12-layout.css?ver=303761e9411141ab402e013c7f8359ae HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:24 GMT
Accept-Ranges: bytes
Content-Length: 100687
Keep-Alive: timeout=3, max=198
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
69.167.168.176200 OK 2.7 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 69.167.168.176:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 16 Sep 2022 19:20:46 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=3, max=199
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
69.167.168.176200 OK 19 kB URL HTTP/1.1 marathonbuilding.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 69.167.168.176:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:18 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=3, max=200
Connection: Keep-Alive
Content-Type: application/javascript
marathonbuilding.com/wp-content/plugins/bb-header-footer/assets/css/bb-header-footer.css?ver=1.2.2
69.167.168.176200 OK 5.9 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-header-footer/assets/css/bb-header-footer.css?ver=1.2.2
IP 69.167.168.176:0
Hash 332db1c98b448d17d11c0fd2ba9e0d27
e6834aebd676abb6c34540529f4a1a53b76b15f2
e8917edd72581e857af18fcf0c1c986cd392dd7939815735bc5fdf148aa8842c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-header-footer/assets/css/bb-header-footer.css?ver=1.2.2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 29 Jan 2022 02:34:47 GMT
Accept-Ranges: bytes
Content-Length: 5898
Keep-Alive: timeout=3, max=197
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
69.167.168.176200 OK 78 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
IP 69.167.168.176:0
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:30:38 GMT
Accept-Ranges: bytes
Content-Length: 78268
Keep-Alive: timeout=3, max=200
Connection: Keep-Alive
Content-Type: font/woff2
marathonbuilding.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
69.167.168.176200 OK 89 kB URL HTTP/1.1 marathonbuilding.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 69.167.168.176:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:18 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=3, max=200
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
69.167.168.176200 OK 77 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
IP 69.167.168.176:0
File type Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196\012- data
Hash ed311c7a0ade9a75bb3ebf5a7670f31d
0613c7ebba55ee47ef302c0f7766324692f899a7
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:30:38 GMT
Accept-Ranges: bytes
Content-Length: 76736
Keep-Alive: timeout=3, max=200
Connection: Keep-Alive
Content-Type: font/woff2
marathonbuilding.com/wp-content/uploads/bb-plugin/cache/0-layout-partial.css?ver=3c3ed6d02b422d9c9de9fa3fd678fca1
69.167.168.176200 OK 23 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/cache/0-layout-partial.css?ver=3c3ed6d02b422d9c9de9fa3fd678fca1
IP 69.167.168.176:0
File type ASCII text, with very long lines (23206), with no line terminators
Hash 76dda318d4c3ef4bf82a614a7b179248
ced62ffbb9b5db219599576c2b8bf45803fb2d44
62dc8a1bd0e6d0254979ccc5f25a56bec113eaa8449f4c2134786b4b97c63d1d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/0-layout-partial.css?ver=3c3ed6d02b422d9c9de9fa3fd678fca1 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:24 GMT
Accept-Ranges: bytes
Content-Length: 23206
Keep-Alive: timeout=3, max=198
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
69.167.168.176200 OK 20 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
IP 69.167.168.176:0
Hash f553fbb2b753450e2ba5d3b51f97b48c
5a6b027015eb8860864ea873b1bd6f5c21d0adb8
9621571f515a7def9c6a634317c51239eaa07c508b4cd7f00a4b64a8bb45e502
GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 27 May 2019 02:27:38 GMT
Accept-Ranges: bytes
Content-Length: 20480
Keep-Alive: timeout=3, max=196
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/uploads/bb-plugin/cache/29-layout-partial.css?ver=810be504223fb334c7cf1a382b5d9e2e
69.167.168.176200 OK 41 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/cache/29-layout-partial.css?ver=810be504223fb334c7cf1a382b5d9e2e
IP 69.167.168.176:0
File type ASCII text, with very long lines (41031), with no line terminators
Hash 66884b19638a2aa6e5ea67076b21ba35
b990328194d86ed5dc9dfe41a94a6f982b23bb6f
1b866f7f425e011075381a3fe4b0517825ed9690eef354a12a2d8134f2429636
GET /wp-content/uploads/bb-plugin/cache/29-layout-partial.css?ver=810be504223fb334c7cf1a382b5d9e2e HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:24 GMT
Accept-Ranges: bytes
Content-Length: 41031
Keep-Alive: timeout=3, max=199
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.5.5.5
69.167.168.176200 OK 5.8 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.5.5.5
IP 69.167.168.176:0
File type ASCII text, with very long lines (5788), with no line terminators
Hash 0a66bbbe7724e20d5d1f1641874d9673
be5bbb88d64c5f2d1b01e22c494c49223f80f0f6
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.5.5.5 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:30:38 GMT
Accept-Ranges: bytes
Content-Length: 5788
Keep-Alive: timeout=3, max=199
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.11
69.167.168.176200 OK 48 kB URL HTTP/1.1 marathonbuilding.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.11
IP 69.167.168.176:0
File type ASCII text, with very long lines (47664)
Hash cbd0fb866214542b799f99b57b7a92fe
90cf6dcbed7c38e02a8b9b2c5302c294faaec364
1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bb-theme/css/base.min.css?ver=1.7.11 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 05 May 2022 15:19:44 GMT
Accept-Ranges: bytes
Content-Length: 48426
Keep-Alive: timeout=3, max=199
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-includes/css/dashicons.min.css?ver=6.0.2
69.167.168.176200 OK 59 kB URL HTTP/1.1 marathonbuilding.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 69.167.168.176:0
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 15 Apr 2021 14:24:19 GMT
Accept-Ranges: bytes
Content-Length: 59016
Keep-Alive: timeout=3, max=199
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-content/themes/bb-theme-child/style.css?ver=6.0.2
69.167.168.176200 OK 327 B URL HTTP/1.1 marathonbuilding.com/wp-content/themes/bb-theme-child/style.css?ver=6.0.2
IP 69.167.168.176:0
Hash 19b4fbd77df43a2d41bb3c5bccc0486e
d08c628cc54dbe4432a4bd1663f437b1889ab8a7
196d33d4e1bcad0b6257a2f875ffac63d819abb8ad4ed2e4eed514c1edb43a17
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bb-theme-child/style.css?ver=6.0.2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 27 May 2019 03:04:46 GMT
Accept-Ranges: bytes
Content-Length: 327
Keep-Alive: timeout=3, max=195
Connection: Keep-Alive
Content-Type: text/css
marathonbuilding.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
69.167.168.176200 OK 11 kB URL HTTP/1.1 marathonbuilding.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 69.167.168.176:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 21 Jan 2021 22:34:36 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=3, max=198
Connection: Keep-Alive
Content-Type: application/javascript
marathonbuilding.com/wp-content/uploads/bb-theme/skin-6273eb115f317.css?ver=1.7.11
69.167.168.176200 OK 59 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-theme/skin-6273eb115f317.css?ver=1.7.11
IP 69.167.168.176:0
File type ASCII text, with very long lines (58552), with no line terminators
Hash f2c3512b937a3e6c6743f5dfbd7fd48d
5f82bbc2f775bcd1f3a34c4a8e47ab7b6e7596db
0375e70c80c9148776fe1479bf032a93278d7ebc804a51b5ccfeaf7ecf4c248a
GET /wp-content/uploads/bb-theme/skin-6273eb115f317.css?ver=1.7.11 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 05 May 2022 15:19:45 GMT
Accept-Ranges: bytes
Content-Length: 58552
Keep-Alive: timeout=3, max=197
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C400%2C500%7CRaleway%3A800%2C700%7CLobster%3A400&ver=6.0.2
142.250.74.10200 OK 9.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C400%2C500%7CRaleway%3A800%2C700%7CLobster%3A400&ver=6.0.2
IP 142.250.74.10:0
Hash 1fc34fdf0e65dafbdc33f9d9addeb508
cf85f52ec663ff668af113f3996f748f07ac027d
369fe4b32899c17ec2a43bcbfdd961aa3e4cceaa66dbc737bbca26c44926fc89
GET /css?family=Roboto%3A300%2C400%2C700%2C400%2C500%7CRaleway%3A800%2C700%7CLobster%3A400&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 09:22:58 GMT
date: Tue, 04 Oct 2022 09:22:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
marathonbuilding.com/wp-content/uploads/bb-plugin/cache/12-layout.js?ver=c887e184840991a968deba60a9aa3e4c
69.167.168.176200 OK 41 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/cache/12-layout.js?ver=c887e184840991a968deba60a9aa3e4c
IP 69.167.168.176:0
File type Unicode text, UTF-8 text, with very long lines (1501)
Hash c887e184840991a968deba60a9aa3e4c
d5e16b337ef6fe16a214827c51ae7abd90c10215
beb3b3195c4554fcdcd53a7cd94280039980bab8745172405cbe1f1d3ca9571b
GET /wp-content/uploads/bb-plugin/cache/12-layout.js?ver=c887e184840991a968deba60a9aa3e4c HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:24 GMT
Accept-Ranges: bytes
Content-Length: 41382
Keep-Alive: timeout=3, max=198
Connection: Keep-Alive
Content-Type: application/javascript
marathonbuilding.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
69.167.168.176200 OK 9.7 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 69.167.168.176:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash 490c29d6776fc430c23403fd845b34b0
817129906b7fef1011895a76f047c7693a852e21
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 16 Sep 2022 19:20:46 GMT
Accept-Ranges: bytes
Content-Length: 9680
Keep-Alive: timeout=3, max=194
Connection: Keep-Alive
Content-Type: application/javascript
marathonbuilding.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
69.167.168.176200 OK 90 kB URL HTTP/1.1 marathonbuilding.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 69.167.168.176:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 26 Aug 2021 01:15:10 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=3, max=198
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15987
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:22:59 GMT
Connection: keep-alive
marathonbuilding.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
69.167.168.176200 OK 12 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 69.167.168.176:0
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 3f3fc23f477a3849aa5677c585b2a2b4
ccf0865ebd37f76c450c7a377a86ff2448288db3
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 16 Sep 2022 19:20:46 GMT
Accept-Ranges: bytes
Content-Length: 12211
Keep-Alive: timeout=3, max=197
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15987
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:22:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15987
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:22:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15987
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:22:59 GMT
Connection: keep-alive
marathonbuilding.com/wp-content/plugins/bb-header-footer/assets/js/bb-header-footer.js?ver=1.2.2
69.167.168.176200 OK 517 B URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-header-footer/assets/js/bb-header-footer.js?ver=1.2.2
IP 69.167.168.176:0
File type ASCII text, with CRLF line terminators
Hash f16cf0396c9aebe2e4573251609b35e2
17ed148c597359ba0af7b9ee913f11ec0f3ee6da
d0e9c807c6cbd10eeee3b3ae0c5e60653b8ef4d41daea5c2492075fc35b90151
GET /wp-content/plugins/bb-header-footer/assets/js/bb-header-footer.js?ver=1.2.2 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 29 Jan 2022 02:34:47 GMT
Accept-Ranges: bytes
Content-Length: 517
Keep-Alive: timeout=3, max=196
Connection: Keep-Alive
Content-Type: application/javascript
marathonbuilding.com/wp-content/uploads/bb-plugin/cache/0-layout-partial.js?ver=3c3ed6d02b422d9c9de9fa3fd678fca1
69.167.168.176200 OK 10 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/cache/0-layout-partial.js?ver=3c3ed6d02b422d9c9de9fa3fd678fca1
IP 69.167.168.176:0
File type ASCII text, with very long lines (757)
Hash a018daa08b293fcb22bad3759ac36d16
e93ece491b1b4d3701bcb97433a49fa9bfc2fb17
3784d95d7aa937025bf6d9d3ef12ee8cebd6487058492b27c8e66e94e984a3ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/0-layout-partial.js?ver=3c3ed6d02b422d9c9de9fa3fd678fca1 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:24 GMT
Accept-Ranges: bytes
Content-Length: 10352
Keep-Alive: timeout=3, max=197
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae824db4a95391149198a4b6b8556c70
db07d58d8feff4ea01866d095e5264ee5c8e1ca3
19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 38422
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 41906
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b7345414898d451d930431b46d4bd00
a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:32:19 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
content-type: image/jpeg
age: 35440
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 41919
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 16808
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
marathonbuilding.com/wp-content/uploads/bb-plugin/cache/29-layout-partial.js?ver=810be504223fb334c7cf1a382b5d9e2e
69.167.168.176200 OK 10 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/cache/29-layout-partial.js?ver=810be504223fb334c7cf1a382b5d9e2e
IP 69.167.168.176:0
File type ASCII text, with very long lines (757)
Hash fbbf36f72f636de800501f84746bac61
766433b723126c1534e5954459a43f872b693cca
e1dea28793f5890c2cfbc783c4a9fb59a7597635c9eaacb371a3e538db5ce914
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/29-layout-partial.js?ver=810be504223fb334c7cf1a382b5d9e2e HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:31:24 GMT
Accept-Ranges: bytes
Content-Length: 10482
Keep-Alive: timeout=3, max=197
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 41919
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
marathonbuilding.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5
69.167.168.176200 OK 731 B URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5
IP 69.167.168.176:0
File type ASCII text, with very long lines (479)
Hash 97669983f6540f2badeef6ab07e5b637
b6f0084f6747da64cf24334b2c0027e57cbf7f23
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:30:38 GMT
Accept-Ranges: bytes
Content-Length: 731
Keep-Alive: timeout=3, max=193
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marathonbuilding.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.5.5.5
69.167.168.176200 OK 20 kB URL HTTP/1.1 marathonbuilding.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.5.5.5
IP 69.167.168.176:0
File type ASCII text, with very long lines (19875), with no line terminators
Hash e93d7fa3e0f8cecb5f3636517d0573dc
59a88a7f3402b855c15caa0e304ef2b238a8f17c
8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a
GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.5.5.5 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sat, 17 Sep 2022 02:30:38 GMT
Accept-Ranges: bytes
Content-Length: 19875
Keep-Alive: timeout=3, max=197
Connection: Keep-Alive
Content-Type: application/javascript
marathonbuilding.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11
69.167.168.176200 OK 23 kB URL HTTP/1.1 marathonbuilding.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11
IP 69.167.168.176:0
File type ASCII text, with very long lines (22786), with no line terminators
Hash b015fc610de8ca064a1903c0a00f93d6
51b1c4188848378ce365513a40a8feb73afe7558
e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11 HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 05 May 2022 15:19:44 GMT
Accept-Ranges: bytes
Content-Length: 22786
Keep-Alive: timeout=3, max=196
Connection: Keep-Alive
Content-Type: application/javascript
marathonbuilding.com/wp-content/uploads/2019/07/marathon2019.jpg
69.167.168.176200 OK 62 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/2019/07/marathon2019.jpg
IP 69.167.168.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Xara Designer Pro X11], baseline, precision 8, 2000x210, components 3\012- data
Hash 9360bc5c13e08297cd7f342ce6f902a4
8506f895310fcecdbde34d05b3c83bd01e01719a
8ddb1348ae1aa58e9188b461f64558d563be572c429dfc729a1d8c910117d13b
GET /wp-content/uploads/2019/07/marathon2019.jpg HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 15 Jul 2019 02:53:47 GMT
Accept-Ranges: bytes
Content-Length: 61736
Keep-Alive: timeout=3, max=195
Connection: Keep-Alive
Content-Type: image/jpeg
marathonbuilding.com/wp-content/uploads/bb-plugin/cache/calvin-300x300-circle.jpg
69.167.168.176200 OK 12 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/cache/calvin-300x300-circle.jpg
IP 69.167.168.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 851020870db9dd1e44ebc5308bc53c72
cd98643b06d5ca29a31944be430f3fe2cb7fc94b
115c0610003979a3ba07d0b439580a42af4b3ac64639880c9835e5e824ca396d
GET /wp-content/uploads/bb-plugin/cache/calvin-300x300-circle.jpg HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 12 Aug 2019 01:27:39 GMT
Accept-Ranges: bytes
Content-Length: 11778
Keep-Alive: timeout=3, max=196
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://marathonbuilding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 481731
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://marathonbuilding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 201079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://marathonbuilding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:13:12 GMT
expires: Tue, 03 Oct 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 43787
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
marathonbuilding.com/wp-content/uploads/2019/08/homepage.jpg
69.167.168.176200 OK 64 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/2019/08/homepage.jpg
IP 69.167.168.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=13, height=614, manufacturer=SAMSUNG, model=SCH-R530U, orientation=upper-left, xresolution=194, yresolution=202, resolutionunit=2, software=R530UVXALG4, datetime=2012:10:08 14:50:09, GPS-Data, width=1600], baseline, precision 8, 1600x614, components 3\012- data
Hash 93d97d274292000c05a0ab07899ee3dc
25484294a1e1424bde0fa9abf5c607515ee834a6
f6daeb6f6d941e880f6fd679d563569817a71dba658a1df1f6e869c692fcffa6
GET /wp-content/uploads/2019/08/homepage.jpg HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/wp-content/uploads/bb-plugin/cache/12-layout.css?ver=303761e9411141ab402e013c7f8359ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sun, 11 Aug 2019 01:40:22 GMT
Accept-Ranges: bytes
Content-Length: 63947
Keep-Alive: timeout=3, max=196
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
216.58.207.195200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33436, version 1.0\012- data
Hash b9b4c932ef89c39525bfe1b604cda3a1
767246e4c7df1b6c32f590c16c135808382b1aba
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
GET /s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://marathonbuilding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:57:59 GMT
expires: Wed, 27 Sep 2023 17:57:59 GMT
cache-control: public, max-age=31536000
age: 573900
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://marathonbuilding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 481731
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marathonbuilding.com/wp-content/uploads/2019/08/PICT0058-2.jpg
69.167.168.176200 OK 129 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/2019/08/PICT0058-2.jpg
IP 69.167.168.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, description=MINOLTA DIGITAL CAMERA , manufacturer=Minolta Co., Ltd., model=DiMAGE Z1, orientation=upper-left, xresolution=228, yresolution=236, resolutionunit=2, software=Ver. 1.00, datetime=2009:09:04 15:14:31], baseline, precision 8, 800x600, components 3\012- data
Size 129 kB (129260 bytes)
Hash 52c79adafa72b1b9b8c0c93a3673601d
32d9b3ab63dc73a3d988115bdb19285deb4084e9
39d2186886a0b476bd07f4df4480d6e3a0438c54230738e9a46879968ba365fe
GET /wp-content/uploads/2019/08/PICT0058-2.jpg HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/wp-content/uploads/bb-plugin/cache/29-layout-partial.css?ver=810be504223fb334c7cf1a382b5d9e2e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 05 Aug 2019 03:17:41 GMT
Accept-Ranges: bytes
Content-Length: 129260
Keep-Alive: timeout=3, max=192
Connection: Keep-Alive
Content-Type: image/jpeg
marathonbuilding.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
69.167.168.176200 OK 93 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
IP 69.167.168.176:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Ultimate-Icons\012- data
Hash 4f52acd8464d9611fe731e6182f1986e
a6367a5d19bd2b65265eee57e03068dca24be313
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.5.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 27 May 2019 02:27:38 GMT
Accept-Ranges: bytes
Content-Length: 93024
Keep-Alive: timeout=3, max=196
Connection: Keep-Alive
Content-Type: font/ttf
marathonbuilding.com/wp-content/uploads/2019/07/Young51.jpg
69.167.168.176200 OK 44 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/2019/07/Young51.jpg
IP 69.167.168.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x450, components 3\012- data
Hash de7556fa7aa0731739b3be0c8cc1ef8c
91bd370ec14a3da7f90657ef8921558611d4bfe7
6c096cf255cbe559b533edf1594ab31ada350c9ed3c920bbabfb41a4e276b1d8
GET /wp-content/uploads/2019/07/Young51.jpg HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 23 Jul 2019 03:09:38 GMT
Accept-Ranges: bytes
Content-Length: 44004
Keep-Alive: timeout=3, max=195
Connection: Keep-Alive
Content-Type: image/jpeg
marathonbuilding.com/wp-content/uploads/2019/08/PICT0058-1.jpg
69.167.168.176200 OK 129 kB URL HTTP/1.1 marathonbuilding.com/wp-content/uploads/2019/08/PICT0058-1.jpg
IP 69.167.168.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, description=MINOLTA DIGITAL CAMERA , manufacturer=Minolta Co., Ltd., model=DiMAGE Z1, orientation=upper-left, xresolution=228, yresolution=236, resolutionunit=2, software=Ver. 1.00, datetime=2009:09:04 15:14:31], baseline, precision 8, 800x600, components 3\012- data
Size 129 kB (129260 bytes)
Hash 52c79adafa72b1b9b8c0c93a3673601d
32d9b3ab63dc73a3d988115bdb19285deb4084e9
39d2186886a0b476bd07f4df4480d6e3a0438c54230738e9a46879968ba365fe
GET /wp-content/uploads/2019/08/PICT0058-1.jpg HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Sun, 04 Aug 2019 21:37:40 GMT
Accept-Ranges: bytes
Content-Length: 129260
Keep-Alive: timeout=3, max=191
Connection: Keep-Alive
Content-Type: image/jpeg
www.google.com/maps/embed/v1/place?q=Marathon+Building+Company%0A5618+Seymour+Hwy.%0AWichita+Falls%2C+TX+76310+&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8
142.250.74.164200 OK 1.3 kB URL HTTP/2 www.google.com/maps/embed/v1/place?q=Marathon+Building+Company%0A5618+Seymour+Hwy.%0AWichita+Falls%2C+TX+76310+&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2642)
Hash eed412d28335a4e2ff10a635a0287a2c
e0f7fce4e72ccbec2c1e4567be4420082b0469e1
abb9546d2bbd25492f3ce3865615e210efafdfbcc9b391611934d6d58950c04b
GET /maps/embed/v1/place?q=Marathon+Building+Company%0A5618+Seymour+Hwy.%0AWichita+Falls%2C+TX+76310+&key=AIzaSyD09zQ9PNDNNy9TadMuzRV_UsPUoWKntt8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
pragma: no-cache
vary: Accept-Language, Origin, X-Origin, Referer
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ibPDXVtdpgde4gUVj8IBvw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 04 Oct 2022 09:22:59 GMT
server: scaffolding on HTTPServer2
content-length: 1323
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/50/7a/init_embed.js
142.250.74.163200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/7a/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash 3c88195b68b3f5ef55c8542d99bae032
21e4163d17a8e7763be9056f28c2ee79c9c5be0f
a91ce7384cd146470b0cdbec8deaae8e2d70c73da9e9d042af0c602c35510162
GET /maps-api-v3/embed/js/50/7a/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68977
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 15:52:02 GMT
expires: Sun, 01 Oct 2023 15:52:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Sep 2022 20:34:50 GMT
content-type: text/javascript
age: 235858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
marathonbuilding.com/favicon.ico
69.167.168.176302 Found 0 B URL HTTP/1.1 marathonbuilding.com/favicon.ico
IP 69.167.168.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marathonbuilding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Tue, 04 Oct 2022 09:22:58 GMT
Server: Apache
Link: <https://marathonbuilding.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Content-Security-Policy: upgrade-insecure-requests;
Location: https://marathonbuilding.com/wp-includes/images/w-logo-blue-white-bg.png
Content-Length: 0
Keep-Alive: timeout=3, max=190
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
marathonbuilding.com/wp-includes/images/w-logo-blue-white-bg.png
69.167.168.176200 OK 4.1 kB URL HTTP/1.1 marathonbuilding.com/wp-includes/images/w-logo-blue-white-bg.png
IP 69.167.168.176:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: marathonbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://marathonbuilding.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 09:22:59 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 11 Jun 2020 02:21:42 GMT
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=3, max=189
Connection: Keep-Alive
Content-Type: image/png