r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b6481bf5f33b42cdd966d49d8b70107
03ed01a9dc82a7efaf3706691249d811f64719a4
1e42a2cd7e7ef655d17dea6423dff85d3f57111d9bd08d2f829535aa462eb11c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E42A2CD7E7EF655D17DEA6423DFF85D3F57111D9BD08D2F829535AA462EB11C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19033
Expires: Fri, 21 Oct 2022 12:19:25 GMT
Date: Fri, 21 Oct 2022 07:02:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 06:36:49 GMT
Expires: Fri, 21 Oct 2022 06:47:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NEMTV5mQ1eY6z5r1A8oh5W-5yqIoNHWOKHDLxY9vaatITMRVYe9asw==
Age: 1523
kenfieldpartners.com/
185.229.21.103 301 Moved Permanently 0 B IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 21 Oct 2022 07:02:12 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://kenfieldpartners.com/
Cache-Control: max-age=300
Expires: Fri, 21 Oct 2022 07:07:12 GMT
X-Endurance-Cache-Level: 2
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18989
Expires: Fri, 21 Oct 2022 12:18:41 GMT
Date: Fri, 21 Oct 2022 07:02:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pWEAN9QvKGoWYrKswWMdCJh7TYKTsTiM4jGBZXLMGCGCYwMOhw1DB1Pv9qIp6BG6j9vIA2g4WB0=
x-amz-request-id: XJH32PCXDA3120NS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 06:05:00 GMT
age: 3432
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 07:02:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 06:43:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 07:42:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Iwf1yeldfjjRMpffyyFWQgm5GW8KcH4oAwd6lFSa08c_E-wYNi4eBg==
Age: 1113
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1881
Cache-Control: max-age=92154
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 08:38:07 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
kenfieldpartners.com/
185.229.21.103 200 OK 23 kB IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash c2d5f015c959f3552a5fc7009e4a8f25
03723715a656bdcd297741faf45389d840e2d6f0
b3697b5fb6f36b47e1585248f9f5cf02bbdcbe69d2c84b98a5e917b69c925c12
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://kenfieldpartners.com/wp-json/>; rel="https://api.w.org/", <https://kenfieldpartners.com/wp-json/wp/v2/pages/996>; rel="alternate"; type="application/json", <https://kenfieldpartners.com/>; rel=shortlink
cache-control: max-age=300
expires: Fri, 21 Oct 2022 07:07:12 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 23345
content-type: text/html; charset=UTF-8
date: Fri, 21 Oct 2022 07:02:12 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.7.8
185.229.21.103 200 OK 299 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Apr 2021 08:27:01 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 299
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
185.229.21.103 200 OK 932 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash d423d422e354bb92d8590be50609489e
22d963017b1bcc74fe6effbfa4ab6d567e0d3b8d
39de3fd0aabe4e42509a229315fd784f227a085d8e77f1c191b99c0599c16c68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:51 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 932
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
185.229.21.103 200 OK 8.7 kB URL HTTP/2 kenfieldpartners.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (29677)
Hash be8b35eb8a4bf220eca3c4be7dfdc460
3081a2b524e864441d2cf934bf7edce3bab7c0ab
b47be6ca0301fb6c67d9012115d8db41694b4f18d4974a4f2063a9a508c516df
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:06:33 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 8685
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/css/intlTelInput.min.css?ver=5.7.8
185.229.21.103 200 OK 3.2 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/css/intlTelInput.min.css?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (21275), with no line terminators
Hash f7609710fe11ea8c093f96d4ed9455ee
6d249c365a5561b8250131cb636c68285091bfe3
5af0c78cded5b384ea6dc89aa45e580426f6a07637689d604157be6d22a5964a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/country-phone-field-contact-form-7/assets/css/intlTelInput.min.css?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:53 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3198
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/ht-slider-for-elementor/assets/css/ht-slider-widgets.css?ver=1.2.3
185.229.21.103 200 OK 800 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/ht-slider-for-elementor/assets/css/ht-slider-widgets.css?ver=1.2.3
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash e88cbd3922c7bdc5655ef55fef4d1795
d4d329503b1af8e57bcd919b5ea48b1347f78212
b71ad99874e583c042bff468a7a82ff5678e43044cb36144c45e057d4c265cb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ht-slider-for-elementor/assets/css/ht-slider-widgets.css?ver=1.2.3 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:59 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 800
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/css/countrySelect.min.css?ver=5.7.8
185.229.21.103 200 OK 2.8 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/css/countrySelect.min.css?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (20493), with no line terminators
Hash 47a2031eb6b03403044c8f86e40cb974
15532fb4cd3f1e2294bc5437c73598d67869b7ea
8babb69fe186d248856c197e78b9f2c5dce2347cf9d8377b33eb87b08699689c
GET /wp-content/plugins/country-phone-field-contact-form-7/assets/css/countrySelect.min.css?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:53 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2782
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
185.229.21.103 200 OK 3.6 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (17186)
Hash c7a8698fbccbbbc09f30952f045cff10
5dc964584fd48ff063c071d53dd7cb27d517b1a5
d41dbc1bba21ab8cd8ee83b91c596f064eea1437d246fccb723e57383cdef25f
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3598
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.4
185.229.21.103 200 OK 536 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (3815)
Hash a27f16b97b7c11345975d0d446091e49
ff6a39719053d3c83c79a4e94311186535bd3b7d
06290d9fcc04bfc8373289eb869518637843f22bb85fbe520dd3ccd12d0bf038
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 536
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.4
185.229.21.103 200 OK 2.6 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2592
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.4
185.229.21.103 200 OK 16 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (65497)
Hash a887e51a401df1346430fbdbfae47f18
b894104c82457dc4bd32a1358ca49a2b69f45618
1f4548f4b5b36fceb11b3778266c5ce5e5fc2fcea2409f2d56b0f630ac0bfac6
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 16194
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/elementor/css/post-7.css?ver=1615826996
185.229.21.103 200 OK 330 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/elementor/css/post-7.css?ver=1615826996
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (946), with no line terminators
Hash 3112da52df50bf7a0337e4ba3269db2f
6ca075cd3bbc0a20ca9df28805ce9cfc64ee3d1e
5b75e2e8a46e3ffd5d2f9b725c3671b242883c09b5421b8c22747535bf221d58
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-7.css?ver=1615826996 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:49:56 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 330
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/flaticon.css?ver=1
185.229.21.103 200 OK 854 B URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/flaticon.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash 8f99a42a88f4089fe77348ba75d28cf1
920e5c3165c4e10cf37291d981fce1bc9af29736
d8a3013af8e5c751b97a771eb411d78e8cb10ed5ec4e730f8b16f94a1aaffe68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/flaticon.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 854
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/ae.png
185.229.21.103 200 OK 267 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/ae.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced; data
Hash ea1f59f528b32dbb5ebee3c70707d238
e697f5247b5e1737c6e127b4955186b69af7bede
dd1d11a1feeea2cc5123d17b5cb55fca41f583e2f4371c8681a57c6c18fb36e2
GET /wp-content/uploads/2020/12/ae.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Dec 2020 15:15:45 GMT
accept-ranges: bytes
content-length: 267
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/elementor/css/post-996.css?ver=1623100122
185.229.21.103 200 OK 2.4 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/elementor/css/post-996.css?ver=1623100122
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (19726)
Hash 614e81d0c4a7116c33f22987d545561e
b0b3772e173a7872f4babe593032fe0b3135715e
34d7b5444ead1f468b86b3cea3473c51ee0c3bf737680cb089715b9526eecbab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-996.css?ver=1623100122 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Jun 2021 21:08:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2355
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/owl.css?ver=1
185.229.21.103 200 OK 1.3 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/owl.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash b549ea5bf9637b5641d7198519b6d49d
68faec57b379f6fc2195cf41e3beda858dd2aa5a
2639c1845c436519bc7e7964bfc0973a6e8dbe5c6ffa16f1d0fc22c36ead8678
GET /wp-content/themes/visarzo/assets/css/owl.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1333
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/color/theme-color.css?ver=1
185.229.21.103 200 OK 1.4 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/color/theme-color.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash 407487e763e08b061ac33f0e25542caf
ea8066508e80de3123763e5f21ca8427e2c165cf
64cfc11917249526feaddcddfe957dbc7e4664f8c9017afcf4307b58e3766f8d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/color/theme-color.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1364
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/elementor/css/global.css?ver=1615826996
185.229.21.103 200 OK 2.9 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/elementor/css/global.css?ver=1615826996
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (20504), with CRLF, LF line terminators
Hash 1b2e862774d3cbac4d1df938bb8c3949
9b6f6f0565a69ca31fce96d8f467d4f602bf27ec
43f36a28d7e966298268479bede085e7fad292865e27d25f663df1f894b66505
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1615826996 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:49:56 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2914
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/pum/pum-site-styles.css?generated=1617121682&ver=1.16.1
185.229.21.103 200 OK 3.4 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/pum/pum-site-styles.css?generated=1617121682&ver=1.16.1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (7400), with CRLF, LF line terminators
Hash 6b42455954d6efb0c947bdb147c3e5ec
5ecbe29caa9c290f048230c9e33e90db2eb04176
e341a754a8716c0fad0373d6acdd994120de4134ca662af7ab6d5a7d7367f469
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1617121682&ver=1.16.1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Mar 2021 16:28:02 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3411
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/css/intlTelInput.min.css?ver=12.1.3
185.229.21.103 200 OK 3.1 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/css/intlTelInput.min.css?ver=12.1.3
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (20746), with no line terminators
Hash 5340d9c5e0baa32839f08aa409f1cedd
6b52d4d6dac212b6a68eac48117d7749131178fb
2d0305c0e66c400d99ea1a953717d4e3dac004e2f31890ef624f1970d397edd4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/css/intlTelInput.min.css?ver=12.1.3 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 08:04:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3134
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
185.229.21.103 200 OK 310 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (483)
Hash 2787accb505c197c9bbff06a38d5c931
c7fa986bdb2f6972caa0d003705098aeb644b8f6
86ba4a954e110a614b9174dbe21466c45acebec05115e606d9fbfe3175624074
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 310
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/nice-select.css?ver=1
185.229.21.103 200 OK 1.1 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/nice-select.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash d1d7efa19b769d2b6da55df37cebb29b
03b22939665eb62dbd1623d4eeffcd59381c66a3
0a3645773ac0ba2b3c8e31b51d9d00bafccfd56e55fff325d8c6f391506d0a9c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/nice-select.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1057
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/switcher-style.css?ver=1
185.229.21.103 200 OK 834 B URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/switcher-style.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash 07b8ac613cab82c36c4ac74a618e0f69
a91051c4a37ed332af8b12468fb61bb2d37c534a
8329bb7ee76881474cc1263947492e69d82c2547aa85c670bb13c0e5024ca5b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/switcher-style.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 834
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/responsive.css?ver=1666335732
185.229.21.103 200 OK 2.9 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/responsive.css?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash c6606f3e40e3673b956ddfffbda76bcd
1f1ad037719c660d30f1d31f2e2b35d181cf9ae3
171156deb507c7d154bc592f25ae05919bb1c43927cd373a5b49e2641909732a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/responsive.css?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2871
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/font-awesome-all.css?ver=1
185.229.21.103 200 OK 12 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/font-awesome-all.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (302)
Hash 14e0f81fe8f3f65b077d560c11a2077b
7a15fab70d468f36fc708f0d6eed2314cb6a68f5
2c2262bd907ec3b391a2c44dd3652b4b5c2701308960137220c75377cc4986aa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/font-awesome-all.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 11470
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/animate.css?ver=1
185.229.21.103 200 OK 5.4 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/animate.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash 132dfc27bec7e79a0c973553a94ced6b
bdc463013f093796751734c5649d248a5a8235fa
3ca6dc61b098c2700a0acdd7c69809ec7337a0f7bc79440eef1ddce4efa9e2e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/animate.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 5396
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/jquery.fancybox.min.css?ver=1
185.229.21.103 200 OK 3.2 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/jquery.fancybox.min.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (13734), with no line terminators
Hash 4aa83282cfd78eff0eb96f1ef859c41c
2dad526069f66371f4f390c8bd451116e7a3681e
c111dffb462e77cb52ee7474752b18e01ce935d5295e212c9031f42cf30326f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/jquery.fancybox.min.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3155
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
185.229.21.103 200 OK 13 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (57726)
Hash 3b91743ea2c19a759f83e689cd8fa348
16dbc0441a131b0bfc89971ec9bca9f98af15d81
e24cfcc105bdba13864df7b16cd9ef0fab88992688877230f2c3c6de60280ad6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 12581
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenfieldpartners.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.7
185.229.21.103 200 OK 23 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.7
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (65492), with CRLF line terminators
Hash 7cd1d851d2d14ee98624df3127c49bd5
80f6e1cf7ecc7d5ecf162ef8bbb4134e68c512a0
29b6f0e9ce7214c4b26bdc3fb4b7bd1a66b3d748821a5d44eae922cd0cd8435d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.7 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Dec 2020 19:54:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 22958
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/bootstrap.css?ver=1
185.229.21.103 200 OK 26 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/bootstrap.css?ver=1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (629)
Hash c7589d9052042eaf5d4871f9bfb5fd1d
ddb7b5857acc06da972903943c373ceee0fe5fb1
c1eccfa26c4f9e64c863b9bbc7665d2a729b404f1bdb0a07c405e39850a30c9c
GET /wp-content/themes/visarzo/assets/css/bootstrap.css?ver=1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 25892
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.238.3.246 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1aKyQJPepLFK8kekUvwqew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UK/X8HGoFBQxyYoBCZ0cOSJ6tCQ=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenfieldpartners.com/wp-content/uploads/2020/12/ch.png
185.229.21.103 200 OK 329 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/ch.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash bb2667899857781365a6e73220a071ee
2e1519f6b9c79982b1e95e2c62c91a5e38814ed9
569495c01ba8ff728d2044171e914f3c465b56058fd79bacedbd1e57da0ddba6
GET /wp-content/uploads/2020/12/ch.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Dec 2020 15:15:41 GMT
accept-ranges: bytes
content-length: 329
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/en.png
185.229.21.103 200 OK 600 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/en.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/uploads/2020/12/en.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Dec 2020 15:15:37 GMT
accept-ranges: bytes
content-length: 600
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/visarzo-core/assets/elementor/css/flaticon-style2.css?ver=5.7.8
185.229.21.103 200 OK 851 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/visarzo-core/assets/elementor/css/flaticon-style2.css?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash cebb3770b8cdd77bd05ed51165b867be
b839a501918c00fc86b34b837a3de1b9441a97f9
0dab26f7236ee90f3110094f14fcee1241e2fcc178a694a9b6819b6bd1f9e162
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/visarzo-core/assets/elementor/css/flaticon-style2.css?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:56:37 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 851
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/css/style-theme.css?ver=1666335732
185.229.21.103 200 OK 3.1 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/css/style-theme.css?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash c1fc57a6f67af8955bd7c32c5644f590
a7e47a1241d04d944c21b807eee8f1714b78814b
b20b31cedda210ae41234f38416c2332c5d08e04883a58eaf99f63d639433ec6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/css/style-theme.css?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3068
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.229.21.103 200 OK 4.2 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 4169
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
185.229.21.103 200 OK 31 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (65451)
Hash b50f63138863c21ee4dd2fd747d0eaee
24e2e53e39b5980f3021ad881f477387610fbfb6
a3810469de465100b039f38a6e39a83c11a1de3b4259b3028b2b85338770100c
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Oct 2020 22:03:26 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 30916
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/style.css?ver=1666335732
185.229.21.103 200 OK 19 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/style.css?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (326), with CRLF line terminators
Hash 848be249008b52ab6e3e340990de5324
4a74212ad279e1d321e198dffecce1f40099c548
dfb71ae033efcbaf50b8b51b3582965749390b120f602326f6a6e4b3a7cb320c
GET /wp-content/themes/visarzo/style.css?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 18619
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/zh-CN.png
185.229.21.103 200 OK 793 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/zh-CN.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ac0702e57d9c4d0f9265699372c00a5
6b15b2e03cb864441b87ba1645a0e11ab16ca4c5
a68398db898eac3c4e447f86a8a2c887ba067b840db31d36723987a0b0e98d99
GET /wp-content/plugins/gtranslate/flags/24/zh-CN.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Apr 2021 08:27:01 GMT
accept-ranges: bytes
content-length: 793
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5157e8e6659ed4ef0f4fb4b282b91e27
adccc8d6238fb8333b77276a5da6f4d1cba41261
8b4ce113fbf7b697b4c04733a188d338672be3f46d4c68fefdd8be58ad3e171c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/ru.png
185.229.21.103 200 OK 487 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/ru.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ddf50d1327e2ecc28a980e93b9f538a
581fa9ecc609a1a07fca205b6c9751e8c28f1ebb
1bdc7040f02e999a17f291b59767d4101adefa2d89775272ac7c66f37c710fff
GET /wp-content/plugins/gtranslate/flags/24/ru.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Apr 2021 08:27:01 GMT
accept-ranges: bytes
content-length: 487
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/ru.png
185.229.21.103 200 OK 241 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/ru.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 3e4733a9ecb758d58eec825cc227fee2
ded9f036f70fbb4253f8b3a08adab51de76e84fd
bc78f50b6e27078e91fe318c8ebdc52bac6cabbe5c298f471bc60292e126e1a5
GET /wp-content/uploads/2020/12/ru.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Dec 2020 15:15:33 GMT
accept-ranges: bytes
content-length: 241
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/ar.png
185.229.21.103 200 OK 1.5 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/ar.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7fec8a94e0af73b8647803e1ff9887be
aca14e7523e0bff0a9399a0998b49387d636da9e
f093a618390e4ef10ee984262dd3334074536f565eb0ecf6cbd0939597073b3d
GET /wp-content/plugins/gtranslate/flags/24/ar.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Apr 2021 08:27:01 GMT
accept-ranges: bytes
content-length: 1480
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/en.png
185.229.21.103 200 OK 1.8 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/gtranslate/flags/24/en.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
GET /wp-content/plugins/gtranslate/flags/24/en.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Apr 2021 08:27:01 GMT
accept-ranges: bytes
content-length: 1767
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/logo-07.png
185.229.21.103 200 OK 2.3 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/logo-07.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 181 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ba650dd282ba0f0b6b3395a6c845e35
88ad0c94733508ab77721896615434d25397da5d
508ac648bed00cf3ca82181d829300d733a5ba699be9128ac37df0843d53317f
GET /wp-content/uploads/2020/12/logo-07.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Dec 2020 11:09:20 GMT
accept-ranges: bytes
content-length: 2292
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/logo-04.png
185.229.21.103 200 OK 1.8 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/logo-04.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 181 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash b9b2b7b518754f3d243eb3ee2d03d921
f80dbaf5eed9a79ac78827da1f4aac86c5bcca35
237c35ddefaa1646310da41d53eb2c1425069d0fb6bd43bc253cef7db6275f7b
GET /wp-content/uploads/2020/12/logo-04.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Dec 2020 11:08:34 GMT
accept-ranges: bytes
content-length: 1804
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/11/whatsapp.png
185.229.21.103 200 OK 138 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/11/whatsapp.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 138 kB (137730 bytes)
Hash 803ac2ba5e06ec26f0dfd9c77944beb0
910812957400f929f7e31c7e36a6885ebb0fe885
17bd71a9b1618738b56a6de51c86d6f40925d69ae2a50b56ed055a5745ae6bb1
GET /wp-content/uploads/2020/11/whatsapp.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 11:14:23 GMT
accept-ranges: bytes
content-length: 137730
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
185.229.21.103 200 OK 4.7 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (11272)
Hash 9c26256ee738b510ab56c09607a7286f
197327c8d1cd72ce8d335fc0b8b007ddca60191d
cfe161d7b5764e21a1e8ea764f4a0c0da41f1aba16bb8329bd11acbc7a156e4b
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jan 2021 20:59:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 4662
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/08/s300_rules_changes_960.jpg
185.229.21.103 200 OK 13 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/08/s300_rules_changes_960.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x195, components 3\012- data
Hash 82cdb176b1dae59e05ce9265add06cda
7c43954f9e2f84aa6f54d3d57185aed506796e04
9d67d3ecae3898662d0c7a6ff9d2f299b42e2cdb696fefd7dacb4c7f877c4ff2
GET /wp-content/uploads/2020/08/s300_rules_changes_960.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Mar 2021 17:53:36 GMT
accept-ranges: bytes
content-length: 13412
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenfieldpartners.com/wp-content/uploads/2020/12/CANADA.png
185.229.21.103 200 OK 152 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/CANADA.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 360 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 152 kB (152522 bytes)
Hash c4de2531bf9c3c48d0233f3a5b1ecaf8
3e70aae9c4528cc985eb2e4ddf730cbc558dfa0d
eb01dde8d464d15d7358f6dd1ec18a5c932a335268bb4106ad88314d2b49c3c3
GET /wp-content/uploads/2020/12/CANADA.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Dec 2020 13:47:25 GMT
accept-ranges: bytes
content-length: 152522
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/TURKEY.png
185.229.21.103 200 OK 161 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/TURKEY.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 360 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (160908 bytes)
Hash 300069431cc1968fe8f0e23349aba73f
8424b50688d71b8fcdb66b69f652f5ee52e3f5f1
d94eca70964346ec4c578670cec73a7357bd63de7eac2749541ad5e210d2d873
GET /wp-content/uploads/2020/12/TURKEY.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Dec 2020 13:47:08 GMT
accept-ranges: bytes
content-length: 160908
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/ISLE.png
185.229.21.103 200 OK 178 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/ISLE.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 360 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 178 kB (177932 bytes)
Hash 4fc6d51e62868e3543d7abd41fa9ee7a
cb66c839f2f4fda20787ab1f04795daaf6fd617d
6963cb99932ca3af12d7a938244bafe418b49338bd65548184262b6043ebe3e0
GET /wp-content/uploads/2020/12/ISLE.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Dec 2020 13:46:54 GMT
accept-ranges: bytes
content-length: 177932
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/IRELAND.png
185.229.21.103 200 OK 195 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/IRELAND.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 360 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 195 kB (195190 bytes)
Hash bfc60d2ca6fcd4a79d6cbe1b331f6b2c
8157c5056ef3ea1b70d3926a73b377025f5b28a8
924f083638e2b4f77bf72b98b76c558e936d79717c2471bdc86d90b10936b5ff
GET /wp-content/uploads/2020/12/IRELAND.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Dec 2020 13:46:47 GMT
accept-ranges: bytes
content-length: 195190
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5157e8e6659ed4ef0f4fb4b282b91e27
adccc8d6238fb8333b77276a5da6f4d1cba41261
8b4ce113fbf7b697b4c04733a188d338672be3f46d4c68fefdd8be58ad3e171c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenfieldpartners.com/wp-content/uploads/elementor/thumbs/AboutUsimage-final-ozwcyumpfmpk1zo9jxb4fq01q9u600sawpjhiyo9hc.png
185.229.21.103 200 OK 773 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/elementor/thumbs/AboutUsimage-final-ozwcyumpfmpk1zo9jxb4fq01q9u600sawpjhiyo9hc.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 900 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 773 kB (773331 bytes)
Hash 1f4fe5ccb21087096a5236854ea417a9
0c8889ecd711a4848f5f1d2e367b78424b5a86b8
060e06feca4161b7644a7f3d4b2065e1d67987d8307ec217936e9dabc3ccea77
GET /wp-content/uploads/elementor/thumbs/AboutUsimage-final-ozwcyumpfmpk1zo9jxb4fq01q9u600sawpjhiyo9hc.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Dec 2020 10:44:02 GMT
accept-ranges: bytes
content-length: 773331
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/elementor/css/post-1352.css?ver=1617562956
185.229.21.103 200 OK 274 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/elementor/css/post-1352.css?ver=1617562956
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (1173), with no line terminators
Hash 58eae892187136f590fb1d6013238615
5c72b0ff32c95fdf4aab128f0b704906056c1308
f54ea4151584766eb34d686e616796cdd740226d6af6182b12eba3acb896cf25
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1352.css?ver=1617562956 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Apr 2021 19:02:36 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 274
content-type: text/css
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/elementor-custom.js?ver=1666335732
185.229.21.103 200 OK 435 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/elementor-custom.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash e49721a985a0ef5c65f9667cb28d1f8c
6034e69625d51e547e94c7fd8a85611cae34927f
d5745845190151fc326c8df32893f52536017cd9f303388a88678ef79facd5bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/visarzo-core//assets/elementor/js/elementor-custom.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:56:37 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 435
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
185.229.21.103 200 OK 2.3 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (6944)
Hash bd023995ed649be7acf8e55d5b77f6d2
297c15beb320661eb35d689e4729760273a37d77
09c9cf05f4866a211c9c2443785ccf50eb1bcd26dcae433f7338299483dba817
GET /wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Sep 2021 08:49:37 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2325
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/dist/i18n.min.js?ver=6ae7d829c963a7d8856558f3f9b32b43
185.229.21.103 200 OK 3.9 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/dist/i18n.min.js?ver=6ae7d829c963a7d8856558f3f9b32b43
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash e64375542d50a224ea5e52bd647265b4
7442b993677db923955cbe89e07d1165ea5e09c8
2b9afdf8ddef2a9a1956e8f6e5ec287b2f8a65a6fb9e8fbbdde306fbb891c25b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=6ae7d829c963a7d8856558f3f9b32b43 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Sep 2021 08:49:37 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3871
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/js/countrySelect.min.js?ver=5.7.8
185.229.21.103 200 OK 6.5 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/js/countrySelect.min.js?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (16597), with no line terminators
Hash 559fcdab5b9eff3efb40bc88f6098b0f
655fc349024f238462d4626902fc0b105004708e
d7a83dfbe0d39491b9ae6ad1009049ecf1eef4372e4d33b5c9562b052dadde63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/country-phone-field-contact-form-7/assets/js/countrySelect.min.js?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:53 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 6538
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
185.229.21.103 200 OK 3.2 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type HTML document, ASCII text, with very long lines (10946), with no line terminators
Hash 1b73c9d21ee49da3a50a9d5e802875b4
263aae7168071538eb0749f80e20bb9b4744e242
d628007c613ad544dbee34b48925303dd7d1dfcc1e43dfdbe18f1a1cad25f7d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:51 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3238
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/dist/api-fetch.min.js?ver=25cbf3644d200bdc5cab50e7966b5b03
185.229.21.103 200 OK 3.5 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/dist/api-fetch.min.js?ver=25cbf3644d200bdc5cab50e7966b5b03
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (12330)
Hash 15f54be6a7718f5c2619eff737bc19da
643c7595e11fbad443282f099ca34015825eeb2b
2cb125ef0bb2807c03ff58e3ae4fb086accbd19f81dd412ab91bdee31f664ff5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/api-fetch.min.js?ver=25cbf3644d200bdc5cab50e7966b5b03 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Sep 2021 08:49:36 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3465
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/dist/url.min.js?ver=7c99a9585caad6f2f16c19ecd17a86cd
185.229.21.103 200 OK 3.1 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/dist/url.min.js?ver=7c99a9585caad6f2f16c19ecd17a86cd
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (8720)
Hash c8bd1801002034143afbe6e5812cbf31
220852f208726b8392c50a94418896384549c64c
17f82fa8e2a595c6059c02af8be615ee27b3dd252b9b44feb0e58a13bc48e59d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/url.min.js?ver=7c99a9585caad6f2f16c19ecd17a86cd HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 08:50:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3136
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/wow.js?ver=1666335732
185.229.21.103 200 OK 2.2 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/wow.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (6269), with CRLF line terminators
Hash 3a0ccdd875f4f4fec83bbbf33b827285
df6193535cfbc57c662a5a67cd88da66fa617347
04cf198b89e33c5bdecf1406e68085cb6d372b567a0653c551f37f4eff76df14
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/wow.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2212
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/switcher.min.js?ver=1666335732
185.229.21.103 200 OK 1.1 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/switcher.min.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (2765), with no line terminators
Hash ef73875778c9ce05a8024b7294ee5915
1e2e2de6f06f49f85912c080ed586a61d24a7546
fdc3ec386a44bd13a3bd6abf34aa8afa15896c446ce741e8370839049061d4e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/switcher.min.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1138
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/popper.min.js?ver=1666335732
185.229.21.103 200 OK 7.2 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/popper.min.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (20322), with CRLF line terminators
Hash 0c0284e3bdd6a096995be38b0e2718a2
0a877ed145767a65433698a070b2bf32fe266eb5
594e6f45221598aa4d23c008e0a530dae32dcd4ddd94df1c19ee1d57ec28b253
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/popper.min.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 7216
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/appear.js?ver=1666335732
185.229.21.103 200 OK 1.4 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/appear.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash 6e579d2e7a40e9f29986859858306345
861bd2368d7c3af07957477dca1d7f3161b06cd6
df6e430238f062023873e9cdf6b2dffa7fb53bba0f25143d9cc5463dd069765d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/appear.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1368
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/js/intlTelInput.min.js?ver=5.7.8
185.229.21.103 200 OK 9.6 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/country-phone-field-contact-form-7/assets/js/intlTelInput.min.js?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (23026)
Hash 603fb75cb6420307fec01e632532154f
69d8a1960103ac8d77aaa46028ab350fd38cf5df
e513b608fd90b299a7e74b987e16abb91236b2ab4dc9590d478c72387f358fd8
GET /wp-content/plugins/country-phone-field-contact-form-7/assets/js/intlTelInput.min.js?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:53 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 9563
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/nice-select.min.js?ver=1666335732
185.229.21.103 200 OK 1.0 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/nice-select.min.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (2822)
Hash 45ae1605b17ed145576a973d6779e979
841a35142dceac20f894809ec068544413e03c30
80261cfa5544a8c0a6849419a0bc94e7b7bdd5625a046cde5b57691ff82346b1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/nice-select.min.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1036
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/js/intlTelInput.min.js?ver=12.1.3
185.229.21.103 200 OK 9.4 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/js/intlTelInput.min.js?ver=12.1.3
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (22485)
Hash 47f98a5057f450ff4f6900df5cb1fbad
f1fcbfdc873da298e55a35d9de553add53b15575
a1aa5395b39b5624462ad4f74d7713333dcf986ffdb1cf4162166c5dfa30baba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/js/intlTelInput.min.js?ver=12.1.3 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 08:04:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 9393
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/bootstrap.min.js?ver=1666335732
185.229.21.103 200 OK 16 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/bootstrap.min.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (59729)
Hash 8dd1a705125c9e1619bb78ae98e37a3d
f1442caab1bfcca6deaca55535ce3047cc44cfba
bf7ea7d8754b96f620e0c652ae53143c13d6a17ef4b6546c485fefeefc3ed948
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/bootstrap.min.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 15889
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/scrollbar.js?ver=1666335732
185.229.21.103 200 OK 12 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/scrollbar.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (32009)
Hash 4861b6371d67683db1bb757dc8d340bd
3aa95c4da5867ba914a67c56309e234d5f3ba072
6917930babb1083999817c2eb2b064c59cc9bd24cbf6bd518e52dc786bb2139c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/scrollbar.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 12288
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/script.js?ver=1666335732
185.229.21.103 200 OK 2.7 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/script.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with CRLF line terminators
Hash 88f2fb466a8b69a609562430b8a6fe1f
f6d18b1c3596dc6bf066236bfa3c333a5e9db3f8
327b4887f42fc24dc9dc629f524178c5e93556bc24a69887b2177b9f7decfbc3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/script.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2713
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
185.229.21.103 200 OK 765 B URL HTTP/2 kenfieldpartners.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jan 2021 20:59:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 765
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/assets/js/script.min.js?ver=1.4.0
185.229.21.103 200 OK 494 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/assets/js/script.min.js?ver=1.4.0
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (1177), with no line terminators
Hash 0f426f1cf80bf26371e96936f5019652
55e43e7494d80059935d03cde4e1e13a394c655a
f515f2fa7069b12582cc2903c481757f725b3c106d0112cefb11321f8e9b45e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/international-telephone-input-for-contact-form-7/assets/js/script.min.js?ver=1.4.0 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 08:04:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 494
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/owl.js?ver=1666335732
185.229.21.103 200 OK 18 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/owl.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (360)
Hash 1eff5842f7e8f5d920cf7afbd4441c5b
6efc83b5d44f4ac639aa4ac82e004cc324a81eb7
a58400cb5b16e997ac814824859d1e47b32ddcca7c1cec51a8c1d4905048cb35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/owl.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 18490
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.21
185.229.21.103 200 OK 26 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.21
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (4472)
Hash 60e3a26bdcfd72dbbd4a19026bd2fb50
6700af38aa692727b66d6b0c5bd64c8824ceb14a
75e85551d85741de3e80ebbf5c93d17c1c0105af398ac5e25da1e97fbc7af4ee
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.21 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 11 Jul 2020 06:06:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 25763
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 127685
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/imigration.js?ver=1666335733
185.229.21.103 200 OK 408 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/imigration.js?ver=1666335733
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash ac499d06d7678a595ddc548fc4bea9f2
b463edf8b09efb6d52d323a9d7977fe829145703
3196157ffc7adda884b54184023f4a6d91605d0378fdfdb145495765f79c2c7c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/visarzo-core//assets/elementor/js/imigration.js?ver=1666335733 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:56:37 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 408
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100
142.250.74.10 200 OK 971 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100
IP 142.250.74.10:0
Hash aa00c83b4d53c15d03a93588e87bc7ae
427eacf340204fd2d30db84a394c33105a80844c
ddc9649c9d10ff9334dda73372d0823811f7e1c42e7359226545da68a17b949f
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 07:02:13 GMT
date: Fri, 21 Oct 2022 07:02:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.195 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 18:59:14 GMT
expires: Tue, 17 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 302579
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/training.js?ver=1666335733
185.229.21.103 200 OK 507 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/training.js?ver=1666335733
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash cce5eba5784f80a701260c5b6587a053
fa9c63da0f72aefff31b65207dbf94e3bb14c3f7
882f8b40da0640960412db368ead8d14cb8a020aea69892c9ed403b64bbfbb0d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/visarzo-core//assets/elementor/js/training.js?ver=1666335733 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:56:37 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 507
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
216.58.207.195 200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Hash 312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 18:23:05 GMT
expires: Thu, 19 Oct 2023 18:23:05 GMT
cache-control: public, max-age=31536000
age: 131948
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 127685
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.4
185.229.21.103 200 OK 2.0 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (4587)
Hash 996671074b467cafe82068523cb3d421
3d667b47e3fc521cd776c3c9601bda80911a3ef1
9399a0bf1866b5416abdfeecd69ba9603ad2d7dfb631916f6b1765bc0522ecfb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2016
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2
216.58.207.195 200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27584, version 1.0\012- data
Hash 4b1ccde40f50e18ba65d8dd6c37b9568
c3207ebc1f717a9312ffd980ff2167ca2e48019f
8fbad22272f358d3e1a9e09a50761bd38b44cd558e3316d562e33804f9536a54
GET /s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 01:42:49 GMT
expires: Sun, 15 Oct 2023 01:42:49 GMT
cache-control: public, max-age=31536000
age: 537564
last-modified: Fri, 24 Jun 2022 18:42:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
185.229.21.103 200 OK 34 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Hash b997c3b6fc35923443dd6dcc360e920e
aa470c21b5ae916b986a022e4bd7f42670d72381
d8a171bcb9c7360ecbb08248184892a5aca2c27ba83d62778e36f507c76cef29
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Jun 2020 17:20:30 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 34241
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 14:07:32 GMT
expires: Thu, 19 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 147282
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/tweenmax.min.js?ver=1666335732
185.229.21.103 200 OK 40 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/tweenmax.min.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (32043)
Hash 1d9aca623f46a9ef961cdc350d8c4e46
b8ac188d7c264009e56e44953e222e20ce862633
60a4f4751af6c5fc785b003238ec1e1f6de66594b73ce11ea14ac700c284869f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/tweenmax.min.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 39642
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/js/jquery.fancybox.js?ver=1666335732
185.229.21.103 200 OK 36 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/js/jquery.fancybox.js?ver=1666335732
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash 9e2a87167cc89ed588ffa6b2be99e454
a92e098e3b2857a864f2d20515f55751d4f98526
1c99dacd0b9d105fdcee237f4899d9cc2bfdea01bf8839c58dea625676b29aad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/js/jquery.fancybox.js?ver=1666335732 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 36180
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.8
142.250.74.10 200 OK 5.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.8
IP 142.250.74.10:0
File type ASCII text, with very long lines (18670)
Hash 8c6bc7816064c4539c83a7810fcb17be
d2f80059f40a67f22c143fe876da153b38f34447
bc43d2af7b5d858aff51e1b0ef2575ead6dff840e464c1d856456a2f691fa530
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 07:02:13 GMT
date: Fri, 21 Oct 2022 07:02:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:51:08 GMT
expires: Thu, 19 Oct 2023 19:51:08 GMT
cache-control: public, max-age=31536000
age: 126666
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/wp-util.min.js?ver=5.7.8
185.229.21.103 200 OK 589 B URL HTTP/2 kenfieldpartners.com/wp-includes/js/wp-util.min.js?ver=5.7.8
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (1042)
Hash 6cf861f0004fb0eec67ecf29af799c7d
67349791569360d3b957db5442620756cc4ae4b3
5131bec1dbf9e65e1da378e6414adc86d792f725acdcc3922ee3207876f5dd7c
GET /wp-includes/js/wp-util.min.js?ver=5.7.8 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Jan 2021 20:59:24 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 589
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kenfieldpartners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 91163
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/underscore.min.js?ver=1.8.3
185.229.21.103 200 OK 5.7 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (16010)
Hash 5c9683ce4b5ae14e78aef6e91a2f772d
e8bb47e8c3fd3987413dd1ab355005ac04e69795
408cb00c398acae2090af546d72302f728ab7391436c08e69340e211370a7d07
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:06:34 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 5663
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.3
185.229.21.103 200 OK 363 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.3
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (705), with no line terminators
Hash 88ff28909aa83d6595b3009b72347b10
f14fab24923c11167238035ef9adb3d0f3b572ca
b66707f37fb9b6904e5f595271d0a64854192876938dc86ea2dd8f261e776973
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.3 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 09 Nov 2020 19:25:09 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 363
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
185.229.21.103 200 OK 6.9 kB URL HTTP/2 kenfieldpartners.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (7973)
Hash bf046c412ea0ddd6f255411f942f0397
5dca594e157deca4e9dc8f8654a898e00eec11f6
d1480dd16f60e007a3b43512042b80feeb92eee79dc2e955d296e9e9aec4b849
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 09:06:34 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 6865
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
185.229.21.103 200 OK 3.5 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (10725)
Hash 7cfd02f91cb9e6033a4c4f712d90e6c7
b7da7a7aac93f699cb245b50b0c4449cad5036f2
397327e595ffa0aadde96cdac849edd1db5ef2f5a956f5e33876ce70f4d1ac26
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3510
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.7
185.229.21.103 200 OK 1.9 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.7
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (6595), with no line terminators
Hash c8ebb5b680f4fa05c2502a56875e03f7
96542e309834bb6dfddaf3d1efce6d75ceff5e18
76a0021ccb778baeadd50f182e2c4055a36527e1fc70341f82136a2e60eeb442
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.7 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Dec 2020 19:54:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1895
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
185.229.21.103 200 OK 3.0 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:58 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 2993
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.4
185.229.21.103 200 OK 1.1 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (2577)
Hash 71a6972e79bfdcc72ffc068e6e845a23
0e37b7f3c6252f6701998fa0e2e1b555b4804a97
dc7dbf2f94f1c49a262b4be428f54349805cfa2841806bc8d691fda13b82e90f
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:58 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 1099
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1617121682&ver=1.16.1
185.229.21.103 200 OK 17 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1617121682&ver=1.16.1
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (65398)
Hash ec50e32e1732870467882c39b97ed722
1f35fe9bfb45be99b52fb83f29dc11020c93ea77
de96a39a67c038dd9b057bcbefd1c2754a25b13c444b05fdc29e24dac7e956de
GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1617121682&ver=1.16.1 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Mar 2021 16:28:02 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 17292
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.4
185.229.21.103 200 OK 12 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (37990)
Hash e2db3e06393d906f3ba122cebf66d32f
a61270416b66e1c5956de8e85e7b2f66495efdb2
7b11ff48cb90654e90d9a983dc309a6cef5e0084963e73795770cbb0248258f3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 11704
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.1.4
185.229.21.103 200 OK 22 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (43289), with LF, NEL line terminators
Hash de4b36220677ff0116e064d487cf3962
07410a35db5a99057bfd6288f02aee4bb73effaa
343627dc6bef1a456c762abaa5214b4699e9a6a4940b4a8d5f0fdbba8fde8bd2
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 21732
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.4
185.229.21.103 200 OK 23 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.4
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (65497)
Hash b92f78f24efd6749f34d4d68f5ed7a9f
77b07ce5019ea98079b3d93d9fb1e166322ad289
f196f9dff6b453f1e2a987f64d525d0063ebde3ac1907bb710f1339a217ba640
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.4 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:57 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 23430
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
185.229.21.103 200 OK 36 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (65280)
Hash f2f239cb6e82311cd197aa5888632811
e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:58 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 35491
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.7
185.229.21.103 200 OK 42 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.7
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Unicode text, UTF-8 text, with very long lines (39674), with LF, NEL line terminators
Hash 740732cd9fb70dd6c6d17341e56bb6b2
18c831d52e2dfc67b7c74640cedaf7857e31cf46
f50ee119d393ee31376cfaa5967ba63408fa7d159e5c62b8908f9e765df7fd8f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.7 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Dec 2020 19:54:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 41636
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/visarzo-core/assets/elementor/css/fonts/Flaticon.woff2
185.229.21.103 200 OK 14 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/visarzo-core/assets/elementor/css/fonts/Flaticon.woff2
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Web Open Font Format (Version 2), TrueType, length 13936, version 1.0\012- data
Hash 099f1f7b4d07f2eb676fd920a7543e8f
78f751f68d4bf3244491db255d30454fe04bfa7d
49462f648cc0c8c6126e2c015d86f7305350156e9ef1cecaf0b7682fffdd712c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/visarzo-core/assets/elementor/css/fonts/Flaticon.woff2 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kenfieldpartners.com/wp-content/plugins/visarzo-core/assets/elementor/css/flaticon-style2.css?ver=5.7.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:56:37 GMT
accept-ranges: bytes
content-length: 13936
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: font/woff2
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
185.229.21.103 200 OK 80 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Web Open Font Format (Version 2), TrueType, length 80300, version 331.-31392\012- data
Hash 8e1ed89b6ccb8ce41faf5cb672677105
9b592048b9062b00f0b2dd782d70a95b7dc69b83
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kenfieldpartners.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 16:48:58 GMT
accept-ranges: bytes
content-length: 80300
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: font/woff2
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/themes/visarzo/assets/fonts/fa-brands-400.woff2
185.229.21.103 200 OK 68 kB URL HTTP/2 kenfieldpartners.com/wp-content/themes/visarzo/assets/fonts/fa-brands-400.woff2
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type Web Open Font Format (Version 2), TrueType, length 68240, version 1.0\012- data
Hash 921f1150167369cf4c400135a4905728
9b0c2c518f8b97b3ff7cea34c565fd4e70bb7640
8386356e1d512f570aac1b4883b928fe4bfd649c1d54a4d0f618357359cd3b74
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/visarzo/assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kenfieldpartners.com/wp-content/themes/visarzo/assets/css/font-awesome-all.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:53:22 GMT
accept-ranges: bytes
content-length: 68240
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: font/woff2
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/UK.png
185.229.21.103 200 OK 45 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/UK.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 1920 x 811, 8-bit/color RGB, non-interlaced\012- data
Hash 50ff809d92f5df53dd29f5099cf1a3c8
6e8f57a82070dbf56ad860bcf8a3d565c3670bd5
9438c762ed81dfafc04c07dfb6643ac6681ff3db9be1d7867818a66659ce0a97
GET /wp-content/uploads/2020/12/UK.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Dec 2020 13:47:19 GMT
accept-ranges: bytes
content-length: 183637
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/07/pattern-4.png
185.229.21.103 200 OK 125 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/07/pattern-4.png
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type PNG image data, 1920 x 734, 8-bit/color RGB, non-interlaced\012- data
Size 125 kB (124682 bytes)
Hash 9d4c148d40625a666427f1f88388e253
4d9b5bb9573e81071129d2d6e7cfd47cab03ae77
c2fc180b53039c22e6645bb0227548c5f1649771de46a3db6c9fc5be0dcc926f
GET /wp-content/uploads/2020/07/pattern-4.png HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 21:00:35 GMT
accept-ranges: bytes
content-length: 124682
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/png
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/12/WhatsApp-Image-2020-12-17-at-11.10.07-PM.jpeg
185.229.21.103 200 OK 140 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/12/WhatsApp-Image-2020-12-17-at-11.10.07-PM.jpeg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 757x499, components 3\012- data
Size 140 kB (140139 bytes)
Hash 61c0d71795de12c142c0a4cfcde5f31f
91052de246a17f7d2d2172b83478f7384df7cb65
3a053a33fb8450f22166d17ab8f89eab58216a09c45d9b6d215fd6f86fc0209e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/12/WhatsApp-Image-2020-12-17-at-11.10.07-PM.jpeg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Dec 2020 19:02:05 GMT
accept-ranges: bytes
content-length: 140139
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:14 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3ba8661d0dde97c6205d6b58f0c3a13f
1abffcefb1bbc25240bb03e58f660f2f367273bc
48bb57c92f2e3facfb062fcdac1b5f05c3f319b37a259e7e306bd4708fa7b3fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c99c8ad893a65ff0640eee3bb866e6d
5ba99666564d7eea377c58563880efcf77e934e9
0384bddebb453c4226993cf06042a592f9c79bd239941045fd02d10a28c3565c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0384BDDEBB453C4226993CF06042A592F9C79BD239941045FD02D10A28C3565C"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21526
Expires: Fri, 21 Oct 2022 13:01:00 GMT
Date: Fri, 21 Oct 2022 07:02:14 GMT
Connection: keep-alive
kenfieldpartners.com/wp-content/uploads/2020/11/3.jpg
185.229.21.103 200 OK 108 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/11/3.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x700, components 3; data
Size 108 kB (108390 bytes)
Hash 53da94caa337248993fcc7d36ff50434
f8c0052183ed353ef7992f9394b1d044312b2ef4
5e87ecd751cbcf340e411f614f970e460bac2447442dac094021491262acb112
GET /wp-content/uploads/2020/11/3.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 23 Nov 2020 14:29:49 GMT
accept-ranges: bytes
content-length: 108390
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:14 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/11/2.jpg
185.229.21.103 200 OK 204 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/11/2.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x700, components 3; data
Size 204 kB (204396 bytes)
Hash b51ae3a0c95da964cdc98bae6958b2ca
633c8b96646f631c3f80e2c2c198d2e902f5b9f3
dd4c2a2e8fa37accfc7ac509340ea5835378d2cd5bb87e9ed4daa5a452ed694a
GET /wp-content/uploads/2020/11/2.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 23 Nov 2020 14:29:47 GMT
accept-ranges: bytes
content-length: 204396
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:14 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/11/1517847334.jpg
185.229.21.103 200 OK 379 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/11/1517847334.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1860x954, components 3; data
Size 379 kB (379300 bytes)
Hash 83f49c142c8ccc673b12779cf545b962
51a50a926bd35edd6024cbc33e6cf8507136c057
1ae772003455d7f263780124dc2dca3b7cf4110b71e3bc49191e31744f06caca
GET /wp-content/uploads/2020/11/1517847334.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 23 Nov 2020 14:30:02 GMT
accept-ranges: bytes
content-length: 379300
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:14 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/11/K3-1-scaled.jpg
185.229.21.103 200 OK 662 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/11/K3-1-scaled.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2560x1707, components 3; data
Size 662 kB (661481 bytes)
Hash f55ebb96cdd0f586fa78bb79c1a52e24
e2f85fd83a381d215e299b93a34435611db9310b
f3bfcaebe15afacae5c36132fb3369b267e73083da068d9e8320f3ac9855b9dc
GET /wp-content/uploads/2020/11/K3-1-scaled.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 23 Nov 2020 16:18:20 GMT
accept-ranges: bytes
content-length: 661481
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:14 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/11/K1-3-scaled.jpg
185.229.21.103 200 OK 1.0 MB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/11/K1-3-scaled.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2560x1707, components 3; data
Size 1.0 MB (1006908 bytes)
Hash 1afa50e7795ca1f66e66eaec1178f777
12b317a8e376b31c533b834cf30197a18bae1a41
c874572ebcea83d617d1ca05c121a16ddb5c0f22274a6b800e7414960d673b6a
GET /wp-content/uploads/2020/11/K1-3-scaled.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 23 Nov 2020 16:23:24 GMT
accept-ranges: bytes
content-length: 1006908
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:14 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2618
Expires: Fri, 21 Oct 2022 07:45:52 GMT
Date: Fri, 21 Oct 2022 07:02:14 GMT
Connection: keep-alive
kenfieldpartners.com/wp-content/uploads/2020/11/7.jpg
185.229.21.103 200 OK 503 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/11/7.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
GET /wp-content/uploads/2020/11/7.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 23 Nov 2020 14:29:56 GMT
accept-ranges: bytes
content-length: 121878
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:14 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
34.120.237.76 200 OK 2.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 09:23:09 GMT
age: 77945
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1c6ab9a31e082a0c0eaab2a0f526495a
c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a
ca3a602c8af7b3e87957e54910663ea2bb72d008e14719af0f9fd7bd1a949f3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6551
x-amzn-requestid: 4deffe4d-e687-436e-938c-f8128bb84376
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_MG5QoAMFahg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fa-66d4e2210fda5a80155f2466;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tUzBA20lqAqZvWHt_SJ2nSXqp1suoKPRgxDN99w33CdoKY0vPspg0A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 07:21:47 GMT
age: 85227
etag: "c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b772335d96ac97ec5b28623955fb026d
7a19bf011359ad768b05dd79cec66787d2dc59fd
c13e7384880ec6fe431f3627eb61529c7fdb934cf0b021b4586ff2dc1c2e1244
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4786
x-amzn-requestid: 263fe384-2385-48c4-b250-1708a3cdd710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKKFOYoAMF92Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-46dfbb85286685373b0b5e77;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7dvOHC_VGsnv75l5gV7ewKgRDgsXbO1XpnV3m8qf21TQaXsnNzvIeQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:52:52 GMT
age: 32962
etag: "7a19bf011359ad768b05dd79cec66787d2dc59fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d369f8641d3489521afd62e112136f5b
088a3290733195efeb1d79dcc995c22b603bece0
b18601499cbb7bbcc1eaa464cec12c0287f8fab52a89e97973bd78fcb26ea918
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9195
x-amzn-requestid: e40418b8-2272-44a3-83d6-9465798793ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLEk4oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-34994aca1e13dcab306bf1a4;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ID2imzYYOzIjJNsz9xeprVEYldmsiabjTmoqORoIseqQRMzW7W3qJA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:52:46 GMT
age: 32968
etag: "088a3290733195efeb1d79dcc995c22b603bece0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F805d0def-ef24-430d-863a-03ece27a794b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F805d0def-ef24-430d-863a-03ece27a794b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 007fdbdba95c9016fb61e4b024ea0af5
edc05293c9801a5bcf95b83af32b95bb01438015
9fcd7213a66462fc9ad5d42365066b4dc5ff3b21c55350131cfc6771a51c9988
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F805d0def-ef24-430d-863a-03ece27a794b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12415
x-amzn-requestid: 52f3bcfa-c0c3-43c4-bfeb-31b2dfecd9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aB6gUG6xoAMFexw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a3e01-3a5bd5e7303c67ae5c47f73d;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 04:58:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5Z6W7ohSh26RdI4JbCGiMQObDCt8LCCdFpjV2nqVXJPanrVqZsMHWA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 23:02:23 GMT
age: 28791
etag: "edc05293c9801a5bcf95b83af32b95bb01438015"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 65594d1dc13761dcc4674f03b629141f
440b895d33ade533ab57689cccfc533871958559
76eb16523cde78e0a7bc34e2a2d2a073b4569cd4b9ee5c28213497b1ea2893d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5029
x-amzn-requestid: 63037ba8-bfa6-4087-9486-d583348d79bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVCNwGl1IAMFuvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351e3f1-4fa2d43240e5f45624553bd3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 00:12:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VChWOK-Odah11FGz0dg4VaKPBMTy_KIIilS9YYVMZaMLOdCJPZjr-A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 00:34:47 GMT
etag: "440b895d33ade533ab57689cccfc533871958559"
content-type: image/jpeg
age: 23247
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
extreme-ip-lookup.com/json?callback=jQuery35106032558603670838_1666335745792&_=1666335745793
109.236.91.3 200 OK 476 B URL HTTP/2 extreme-ip-lookup.com/json?callback=jQuery35106032558603670838_1666335745792&_=1666335745793
IP 109.236.91.3:0
ASN #49981 WorldStream B.V.
Hash 96323ba83a8c44521e43276133b1672e
23733ef5066b4771a6db1ea3b4965a51223efc1f
af045220f4b32e7189b2990bffb6551d0cdaa21f26e00119352cd074a8b4babc
GET /json?callback=jQuery35106032558603670838_1666335745792&_=1666335745793 HTTP/1.1
Host: extreme-ip-lookup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 07:02:14 GMT
content-type: text/javascript; charset=utf-8;
content-length: 476
access-control-allow-origin: *
access-control-allow-headers: *
cache-control: max-age=3600
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/08/favicon.ico
185.229.21.103 200 OK 3.4 kB URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/08/favicon.ico
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel; data
Hash 543f719f61aafff37fa8fb19c77d04ce
202bc49cb7c857c6f94d4eea1fe0b7fe2ad2c7a4
2f34a1dc1932abd1a3cc15d47bef8abf5f973f3774aa4288db185d3e9f5c43f0
GET /wp-content/uploads/2020/08/favicon.ico HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 21:01:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sat, 21 Oct 2023 07:02:15 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 3356
content-type: image/x-icon
date: Fri, 21 Oct 2022 07:02:15 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash b5a9503d35032fa97653c1537f2415a2
c6c002576a61d7a5278156dccca7e3f96f9e3a00
b069b099580191b5933988b214980dc74c5956bf504ad378cfacbb848a4db4fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5193
Cache-Control: max-age=111661
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:15 GMT
Etag: "635140db-116"
Expires: Sat, 22 Oct 2022 14:03:16 GMT
Last-Modified: Thu, 20 Oct 2022 12:36:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
freegeoip.live/json/?callback=jQuery35106032558603670838_1666335745792&_=1666335745794
104.21.79.47 200 OK 463 B URL HTTP/2 freegeoip.live/json/?callback=jQuery35106032558603670838_1666335745792&_=1666335745794
IP 104.21.79.47:0
File type ASCII text, with no line terminators
Hash 341731edf70b3b3abdc8b47b7154cd80
0ee213290e8112a834f2f8dfe9cf3555f2924545
f6ea9fce939855745475cb96f35c26d8198a106678be77df04ba49a9c5164f78
GET /json/?callback=jQuery35106032558603670838_1666335745792&_=1666335745794 HTTP/1.1
Host: freegeoip.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:15 GMT
content-type: application/javascript
vary: Origin
x-database-date: Sat, 29 May 2021 16:09:07 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlGlJfmn8R%2BdQbBFvOCfT0ro4bW3Oist3dmk8DA8nPw9QcJJII6VLHS%2FJ2TqOGTy4ZI7R1FBSJf%2FjOCY3tB4QLU4GF175QncBvxNdjLiezIWdvUWfQh3O%2FWKLK1croKb2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d82069d8250b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
turnonflashlight.net/Kin/wp-content/uploads/2020/07/pattern-3.png
192.254.191.167 404 Not Found 5.7 kB URL HTTP/2 turnonflashlight.net/Kin/wp-content/uploads/2020/07/pattern-3.png
IP 192.254.191.167:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (1827)
Hash 1c35afdec77bab016b3c5858e762fe43
8826561bac8591464a374395f3453acddd2a8706
b8db84a222b8bf149b8de407d1648d7068458b630d1dd9dde89fe57033330107
GET /Kin/wp-content/uploads/2020/07/pattern-3.png HTTP/1.1
Host: turnonflashlight.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://turnonflashlight.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 5661
content-type: text/html; charset=UTF-8
date: Fri, 21 Oct 2022 07:02:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.163 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 06:44:29 GMT
expires: Sat, 21 Oct 2023 06:44:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163 200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 05:51:21 GMT
expires: Sat, 21 Oct 2023 05:51:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 4254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.163 200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.163:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 18:29:56 GMT
expires: Thu, 19 Oct 2023 18:29:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 131539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/js/utils.js
185.229.21.103 200 OK 51 kB URL HTTP/2 kenfieldpartners.com/wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/js/utils.js
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
File type ASCII text, with very long lines (1679)
Hash 731b03c7085f2c9cea5e3bc315e473fb
41554d6c9480bafbb343970e7e46cacbd3e95fc3
9aac896f8abf382adf2c64ac0759a4c79379e6b8bb02ac61d15833df63b203a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/international-telephone-input-for-contact-form-7/vendor/intl-tel-input/js/utils.js HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Mar 2021 08:04:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:15 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 51282
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:15 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb458662c-d437-4d78-9218-021bf453a379.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb458662c-d437-4d78-9218-021bf453a379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3407289d0d5a3cc4bff8493349bd141
14ea4bc4b8a8600e8e3f31a7684636a335db1dc1
c0406f8d037045bbc80ffac713cd3055239bb2ad8d24ccf6a5acdfcb2fee2eb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb458662c-d437-4d78-9218-021bf453a379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 00900e5d-86da-4816-b0d4-ca1877328f18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WZtHTLIAMF8cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d10a-37a5019113eff2fc2bbded44;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6OH6MZBtjo2lA6BfRO4yXsZMuQckcrv04QVgNxkP1xI5ks01TGxcPA==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 08:31:03 GMT
age: 81078
etag: "14ea4bc4b8a8600e8e3f31a7684636a335db1dc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/testimonial.js?ver=1666335733
185.229.21.103 200 OK 0 B URL HTTP/2 kenfieldpartners.com/wp-content/plugins/visarzo-core//assets/elementor/js/testimonial.js?ver=1666335733
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/visarzo-core//assets/elementor/js/testimonial.js?ver=1666335733 HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 20:56:37 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
content-length: 401
content-type: application/javascript
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.46 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.46:0
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Oct 2022 07:02:13 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+429; expires=Sun, 20-Oct-2024 07:02:13 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kenfieldpartners.com/wp-content/uploads/2020/08/160294360_100520452127833_3517698567211962749_o.jpg
185.229.21.103 200 OK 0 B URL HTTP/2 kenfieldpartners.com/wp-content/uploads/2020/08/160294360_100520452127833_3517698567211962749_o.jpg
IP 185.229.21.103:0
ASN #25577 CloudCoCo Connect Limited
GET /wp-content/uploads/2020/08/160294360_100520452127833_3517698567211962749_o.jpg HTTP/1.1
Host: kenfieldpartners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Mar 2021 09:56:36 GMT
accept-ranges: bytes
content-length: 1001302
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 07:02:13 GMT
x-endurance-cache-level: 2
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Cabin:300,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&subset=latin,cyrillic-ext,latin-ext,cyrillic,greek-ext,greek,vietnamese
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Cabin:300,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&subset=latin,cyrillic-ext,latin-ext,cyrillic,greek-ext,greek,vietnamese
IP 142.250.74.10:0
GET /css?display=swap&family=Cabin:300,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&subset=latin,cyrillic-ext,latin-ext,cyrillic,greek-ext,greek,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kenfieldpartners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 07:02:13 GMT
date: Fri, 21 Oct 2022 07:02:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2