Overview

URL: www.kitakits.com/cg/v3/chaseonline-login.php
IP: 65.60.35.102 (United States)
ASN: #32475 SINGLEHOP-LLC
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-29 06:35:19 UTC
IDS alerts: 0
Blocklist alerts: 22
urlquery alerts: No alerts detected
Tags: None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
api.sonetel.com (2) 0 2015-06-16 11:47:21 UTC 2015-10-20 08:24:04 UTC 34.193.235.220 Domain (sonetel.com) ranked at: 421246
msg.sonetel.com (1) 0 No data No data 3.226.23.218 Domain (sonetel.com) ranked at: 421246
widget.sonetel.com (2) 0 No data No data 143.204.55.68 Domain (sonetel.com) ranked at: 421246
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.62.5
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
beta-api.sonetel.com (8) 0 No data No data 34.193.235.220 Domain (sonetel.com) ranked at: 421246
www.kitakits.com (28) 0 2013-12-08 21:45:51 UTC 2014-08-13 07:46:35 UTC 65.60.35.102 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:53:26 UTC 34.117.237.239
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.24

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 www.kitakits.com/cg/v3/chaseonline-login.php Phishing
2022-11-29 2 www.kitakits.com/wp-includes/css/classic-themes.min.css?ver=1 Phishing
2022-11-29 2 www.kitakits.com/wp-content/plugins/catch-breadcrumb/public/css/catch-bread (...) Phishing
2022-11-29 2 www.kitakits.com/wp-content/plugins/catch-instagram-feed-gallery-widget/pub (...) Phishing
2022-11-29 2 www.kitakits.com/wp-content/plugins/essential-widgets/public/css/essential- (...) Phishing
2022-11-29 2 www.kitakits.com/wp-content/themes/catch-wedding/style.css?ver=20220804-25300 Phishing
2022-11-29 2 www.kitakits.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-11-29 2 www.kitakits.com/wp-content/themes/catch-wedding/assets/js/fitvids.min.js?v (...) Phishing
2022-11-29 2 www.kitakits.com/wp-content/themes/catch-wedding/assets/css/blocks.css?ver=1.0 Phishing
2022-11-29 2 www.kitakits.com/wp-content/plugins/essential-widgets/public/js/essential-w (...) Phishing
2022-11-29 2 www.kitakits.com/wp-content/plugins/catch-infinite-scroll/public/js/catch-i (...) Phishing
2022-11-29 2 www.kitakits.com/wp-content/plugins/catch-instagram-feed-gallery-widget/pub (...) Phishing
2022-11-29 2 www.kitakits.com/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.1 Phishing
2022-11-29 2 www.kitakits.com/wp-content/themes/catch-wedding/assets/js/skip-link-focus- (...) Phishing
2022-11-29 2 www.kitakits.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b Phishing
2022-11-29 2 www.kitakits.com/wp-content/themes/catch-wedding/assets/js/jquery.matchHeig (...) Phishing
2022-11-29 2 www.kitakits.com/wp-includes/js/masonry.min.js?ver=4.2.2 Phishing
2022-11-29 2 www.kitakits.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Phishing
2022-11-29 2 www.kitakits.com/wp-content/themes/catch-wedding/assets/js/functions.min.js (...) Phishing
2022-11-29 2 www.kitakits.com/wp-includes/js/wp-emoji-release.min.js?ver=c9d9ada01ab0b84 (...) Phishing
2022-11-29 2 www.kitakits.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Phishing
2022-11-29 2 www.kitakits.com/cg/v3/chaseonline-login.php Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 65.60.35.102
Date UQ / IDS / BL URL IP
2022-11-29 06:35:19 +0000 0 - 0 - 22 www.kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102
2022-11-28 07:52:23 +0000 0 - 0 - 22 www.kitakits.com/cg/0f942ec3a264d1023bc5a84cf (...) 65.60.35.102
2022-11-28 02:37:37 +0000 0 - 0 - 3 kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102
2022-11-28 02:37:39 +0000 0 - 0 - 22 www.kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102
2022-11-28 02:37:31 +0000 0 - 0 - 3 kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102


Last 5 reports on ASN: SINGLEHOP-LLC
Date UQ / IDS / BL URL IP
2023-02-08 02:09:21 +0000 0 - 0 - 1 xox-media.com/gloriakvanderhorst/wp-content/u (...) 172.96.186.229
2023-02-08 01:28:14 +0000 0 - 0 - 1 watchlivesportsall.com/zz/2019/EN/4fc8ed929e5 (...) 172.96.187.189
2023-02-08 01:25:06 +0000 0 - 0 - 9 www.dailyhealthseries.com/vgsx/231ead02c0fa94 (...) 184.154.14.116
2023-02-08 01:25:05 +0000 0 - 0 - 10 dailyhealthseries.com/vgsx/231ead02c0fa940c74 (...) 184.154.14.116
2023-02-08 01:24:40 +0000 0 - 0 - 10 dailyhealthseries.com/vgsx/231ead02c0fa940c74 (...) 184.154.14.116


Last 5 reports on domain: kitakits.com
Date UQ / IDS / BL URL IP
2022-11-29 06:35:19 +0000 0 - 0 - 22 www.kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102
2022-11-28 07:52:23 +0000 0 - 0 - 22 www.kitakits.com/cg/0f942ec3a264d1023bc5a84cf (...) 65.60.35.102
2022-11-28 02:37:37 +0000 0 - 0 - 3 kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102
2022-11-28 02:37:39 +0000 0 - 0 - 22 www.kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102
2022-11-28 02:37:31 +0000 0 - 0 - 3 kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-28 07:52:23 +0000 0 - 0 - 22 www.kitakits.com/cg/0f942ec3a264d1023bc5a84cf (...) 65.60.35.102
2022-11-26 01:40:38 +0000 0 - 0 - 3 kitakits.com/cg/0f942ec3a264d1023bc5a84cff367 (...) 65.60.35.102
2022-11-26 01:40:35 +0000 0 - 0 - 22 www.kitakits.com/cg/0f942ec3a264d1023bc5a84cf (...) 65.60.35.102
2022-11-26 01:40:30 +0000 0 - 0 - 3 kitakits.com/cg/0f942ec3a264d1023bc5a84cff367 (...) 65.60.35.102
2022-11-28 02:37:37 +0000 0 - 0 - 3 kitakits.com/cg/v3/chaseonline-login.php 65.60.35.102

JavaScript

Executed Scripts (23)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (62)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5291
Expires: Tue, 29 Nov 2022 08:03:19 GMT
Date: Tue, 29 Nov 2022 06:35:08 GMT
Connection: keep-alive

                                        
                                            GET /cg/v3/chaseonline-login.php HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         65.60.35.102
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.kitakits.com/cg/v3/chaseonline-login.php
content-length: 0
date: Tue, 29 Nov 2022 06:35:07 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3430
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 06:35:08 GMT
Last-Modified: Tue, 29 Nov 2022 05:37:58 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10911
Expires: Tue, 29 Nov 2022 09:36:59 GMT
Date: Tue, 29 Nov 2022 06:35:08 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 06:19:36 GMT
cache-control: public,max-age=3600
age: 932
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 6aM4i2G2Bicbm71a5Wvs7xfcaSNLInGvQGQCKVBeP/z/60s/o7EgLb/M0x8xSAZDYdLL2DaQxMc=
x-amz-request-id: P4S52X8B6GFMF7RX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 05:45:20 GMT
age: 2988
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 06:35:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 06:11:13 GMT
cache-control: public,max-age=3600
age: 1436
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6138
Cache-Control: max-age=101644
Date: Tue, 29 Nov 2022 06:35:09 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:49:13 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Wed, 26 Oct 2022 00:15:16 GMT
etag: "063587c14-0;;;"
accept-ranges: bytes
content-length: 217
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=c9d9ada01ab0b845e24137eddf4bf2b5 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Wed, 16 Nov 2022 07:25:33 GMT
etag: "06374906d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
                                        
                                            GET /wp-content/plugins/catch-breadcrumb/public/css/catch-breadcrumb-public.css?ver=1.9 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Thu, 03 Nov 2022 06:32:29 GMT
etag: "06363607d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 448
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   448
Md5:    8e585ea16143381028e1faa7c144e957
Sha1:   a8a9c94f6cff0e26c0e35127e27d88caee526f7a
Sha256: 3d33cd4991c534ded72eb3ffdcb9956926c465d0d3534d98b316a9d2e5c1d60f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/catch-infinite-scroll/public/css/catch-infinite-scroll-public.css?ver=2.0.4 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Thu, 03 Nov 2022 06:32:30 GMT
etag: "06363607e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 482
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   482
Md5:    fceb2d9c9efe97533cb19a63a16c740c
Sha1:   f461cc04848fffd23636e94c512e73aef7af9d63
Sha256: f83f12711db7094d04434da20fc473b7a437b1b5b573d0f282ef13956ff8b57f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 06:35:09 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 20:40:36 GMT
Expires: Tue, 29 Nov 2022 20:40:36 GMT
ETag: "66975651a05f6b0aca95a20740b5aca1bfe20cfc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    c357a576bbba342f54dd1be75e94bfb9
Sha1:   66975651a05f6b0aca95a20740b5aca1bfe20cfc
Sha256: f8484ffe8f42e94d9906635802599a9b3865b3660e3d7b5ad67cda51064a94b8
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bmfFWBlYTwMasNjx2rkCiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.163.62.5
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bnV4bowu9PX1Lc0Oapr7vhZ9t+0=

                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=c9d9ada01ab0b845e24137eddf4bf2b5 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Thu, 04 Mar 2021 08:46:22 GMT
etag: "060409e5e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58981)
Size:   35110
Md5:    54c5bfb8a890d87139d9abfe01662c83
Sha1:   f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
Sha256: 9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
                                        
                                            GET /wp-content/plugins/catch-instagram-feed-gallery-widget/public/css/catch-instagram-feed-gallery-widget-public.css?ver=2.3.2 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Thu, 03 Nov 2022 06:32:31 GMT
etag: "06363607f-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1425
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1425
Md5:    4f966d22948e4e749a3c1bd06516397f
Sha1:   bcc4cd70332d23066f01fec10196bdfea373304f
Sha256: 1c6d5d6486efa7eac3331a07d6bb59abbe2646b501de0705eaadabe1717310ec

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.5.1 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Mon, 16 Jan 2017 14:29:08 GMT
etag: "0587cd8b4-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 424
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   424
Md5:    70d64f5ec845be2acf97b1d49459ea98
Sha1:   c47a4042980a5cadf2f61b0baea7e1bb5e37dcb4
Sha256: 2fa1779c37800ff35f0d7b0314f76e3b91a2026164be3490edd7dec5974ad51c
                                        
                                            GET /wp-content/plugins/essential-widgets/public/css/essential-widgets-public.css?ver=2.1 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Sun, 20 Nov 2022 06:43:13 GMT
etag: "06379cc81-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 239
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   239
Md5:    432b6a919afd9c6c6458d74c28d4a0e2
Sha1:   d3f23c9fd47578936b2bf171c3c350977046fbfa
Sha256: 01dba2e3206c290639209f95e5b72fe9bdb84fae1dcf8e8d99ffacb9fb8b16fa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/fonts/091ae25cbfd182030527ee947f801a16.css HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 04 Aug 2022 12:21:11 GMT
etag: "062ebb9b7-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 561
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   561
Md5:    03c4c326a8490079080ec5444e236e42
Sha1:   3dc7e2e32c51c9f698138d9333892791cb86078b
Sha256: c953d0f9be5343f4080950e889de8bcf4b427f739fce611dd53ac64aa2243312
                                        
                                            GET /wp-content/themes/catch-wedding/style.css?ver=20220804-25300 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:08 GMT
last-modified: Thu, 04 Aug 2022 02:53:00 GMT
etag: "062eb348c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22551
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with very long lines (1261)
Size:   22551
Md5:    7e79bdaad424046f86cd694c7c0939d3
Sha1:   a65aba936ca5fff7c130e0093f0b47e745356f02
Sha256: da54fd0619a8424e3af7fee50429d6ca3efcdb9c2474a54c89da196234f73ac6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Wed, 18 Nov 2020 20:36:06 GMT
etag: "05fb585b6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/catch-breadcrumb/public/js/catch-breadcrumb-public.js?ver=1.9 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 03 Nov 2022 06:32:29 GMT
etag: "06363607d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 627
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   627
Md5:    f75cc31ba41897d40b609655400e5943
Sha1:   97deecf1875ce452631f2210429ade422ef0a4a5
Sha256: 8014ff06ab08399f5a7856bcc5413ee9458ae28b41eccf68035bfb036d7f5fa3
                                        
                                            GET /wp-content/themes/catch-wedding/assets/js/fitvids.min.js?ver=1.1 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 09 Dec 2021 16:28:16 GMT
etag: "061b22ea0-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 550
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1484), with no line terminators
Size:   550
Md5:    d082703c810b9593086128b12d69902d
Sha1:   1b681a2116fdebb8032586592fc87953af763fe9
Sha256: 01e5c93a0bf7d6babb42c0436eae972fe1c24abbb12cececa95b37c4d33d8c70

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/catch-wedding/assets/css/blocks.css?ver=1.0 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 31 Mar 2022 10:42:32 GMT
etag: "062458598-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2678
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2678
Md5:    39c8d3fb67ed4a71607ecedf2998a55a
Sha1:   1501983743370d3f025b3324cf74da6e02ab8df4
Sha256: 4e89432c6dce36e3268a2f6d4a4f21d9ee44374cc8f40348574b17508b9f5f38

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/essential-widgets/public/js/essential-widgets-public.js?ver=2.1 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Sun, 20 Nov 2022 06:43:13 GMT
etag: "06379cc81-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 412
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   412
Md5:    e92d50e4ea8815af34e820ce2690e56e
Sha1:   83366b2b3d854db08b7eeb50b953f89978ad6410
Sha256: 887aee3fb3d8faf634a6b3f09f93447a4c87b7fb4d83b8679effbcab7bf5292a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/catch-infinite-scroll/public/js/catch-infinite-scroll-public.js?ver=2.0.4 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 03 Nov 2022 06:32:30 GMT
etag: "06363607e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1947
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1947
Md5:    caf2fcfd34a3b57ddb808880d2b16696
Sha1:   27dd494be10fa1a22f37eeacc7b6154428c18633
Sha256: b07a17493f8dd225ff91d958946afef5825dc6742aa0238fe943479504194b73

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/catch-instagram-feed-gallery-widget/public/js/catch-instagram-feed-gallery-widget-public.js?ver=2.3.2 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 03 Nov 2022 06:32:31 GMT
etag: "06363607f-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 410
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   410
Md5:    9154e549b0feb3252fb1cc2e49e5ca20
Sha1:   4261cfff758f2b94a50f7e1866903f3b8bbfcd47
Sha256: b15d1d83daed3ccfbfe941cc286594122c803be51d21d730dbf9ba7417f49c6b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.1 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Tue, 20 Sep 2022 12:23:22 GMT
etag: "06329b0ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 594
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   594
Md5:    e7ff05c58e729d4deaf96c7104351a6a
Sha1:   76f5e5aaaa1c16b577669f97f02502d8ba075ffa
Sha256: 3dc12367de9fbef52f87f33787b3584a8de82273f180629bf91e06e9446f6a91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/catch-wedding/assets/js/skip-link-focus-fix.min.js?ver=20181115 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 31 Mar 2022 10:42:32 GMT
etag: "062458598-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 222
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (499), with no line terminators
Size:   222
Md5:    5bd377a8f12fa31b84633534251adb1d
Sha1:   3bb714fc8d937e68ff0492055fded5ea2a9b4cb7
Sha256: 50692aeab87d696687c14f81c084bc7588fb140913a4f2457ed702773db30106

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Fri, 19 Aug 2016 05:25:30 GMT
etag: "057b6984a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 628
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1626)
Size:   628
Md5:    67cf4663ab50b96f6cfbef1de915ac71
Sha1:   b019f521a2ec93c24ff288ca16b39263168d9e64
Sha256: 4f51279a3e89fb1e36130b8802a119ac113a50423fbfdc6d7ea7d18e8a892bf9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/catch-wedding/assets/js/jquery.matchHeight.min.js?ver=20181115 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 31 Mar 2022 10:42:32 GMT
etag: "062458598-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1180
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3228), with no line terminators
Size:   1180
Md5:    2f156d25b057c2eebe2bf57c434bd86f
Sha1:   fa0e5b773af09995c43113ecf0a30f2b91e19bc7
Sha256: b1e24fc2739d279ce46c43502c2c91c3bbd4155da98ab4043261e774fcba4318

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Sun, 14 Jun 2020 05:23:28 GMT
etag: "05ee5b450-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7117
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23966)
Size:   7117
Md5:    acbcd70975a7cfaf92dc02b2ede1fd24
Sha1:   7a50461999972abb541d4baf1ccf23d8e435aad6
Sha256: c1250ec4943afb181633078eb9d67c5944fc64b2bb219c98406c286e9449189e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Sun, 14 Jun 2020 05:23:28 GMT
etag: "05ee5b450-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1733
Md5:    fa921f07ecc438baf227765de450e215
Sha1:   1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
Sha256: b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/catch-wedding/assets/js/functions.min.js?ver=20181115 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Thu, 31 Mar 2022 10:42:32 GMT
etag: "062458598-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1698
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7698), with no line terminators
Size:   1698
Md5:    6b4c3b1fef303a54f528bcc39e825e77
Sha1:   46b71269fa3d4953991657d805fdbe2ae5cf9b17
Sha256: 8b63574aa21a5d0466d29fa184c7689103499879db041598809eea4c211bbb73

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=c9d9ada01ab0b845e24137eddf4bf2b5 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Tue, 12 Apr 2022 16:26:24 GMT
etag: "06255a830-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/cg/v3/chaseonline-login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         65.60.35.102
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=1333600, public
expires: Tue, 06 Dec 2022 06:35:09 GMT
last-modified: Tue, 20 Sep 2022 00:46:24 GMT
etag: "063290d60-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Tue, 29 Nov 2022 06:35:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9441
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:35:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9441
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:35:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9441
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:35:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9441
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:35:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9441
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 06:35:11 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 82503
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:43:20 GMT
age: 28311
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8402
x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYeaGbgoAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:18:26 GMT
age: 8205
etag: "47295f2cf1b039c4b85cbe463d7893671a563989"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8402
Md5:    faf3524970b0c3256eb5708f4ccf11ce
Sha1:   47295f2cf1b039c4b85cbe463d7893671a563989
Sha256: ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
age: 31086
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8921
Md5:    823e92f62ff7b3c2093828817d7f2866
Sha1:   c501de9eaa581a10b0b5fce40b54bb10f57f7c29
Sha256: 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mFiEmh1axlMNuIBb1YSzcciCdHzHGG7q0f3lQOuHJmjugWgdZKKiSg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:27:11 GMT
age: 68880
etag: "3348f081a3357490a704592d105d02e81886df89"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6037
Md5:    b5e2bc1651b37b8e0467c2a6cb860fb3
Sha1:   3348f081a3357490a704592d105d02e81886df89
Sha256: 751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RAAJeCuVxs-hpp4wMmcBEmqPf71bUMueBvhwLaYTixj9IiIGNp0ZIQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:28:27 GMT
age: 22004
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9162
Md5:    c808183085a429c53515508678fc7ab2
Sha1:   6567069d9f5199205ba1ca7a937fcb0a52f95d06
Sha256: c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
                                        
                                            OPTIONS /SonetelAuth/beta/participant-token HTTP/1.1 
Host: api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-sonetel-lang,x-sonetel-referrer
Referer: https://www.kitakits.com/
Origin: https://www.kitakits.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:11 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=15768000; includeSubDomains; always

                                        
                                            POST /SonetelAuth/beta/participant-token HTTP/1.1 
Host: api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sonetel-Referrer: https://www.kitakits.com/cg/v3/chaseonline-login.php
X-Sonetel-Lang:
Content-Type: application/json;charset=utf-8
Content-Length: 168
Origin: https://www.kitakits.com
Connection: keep-alive
Referer: https://www.kitakits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Max-Age: 3600
X-Application-Context: auth-api:beta:9056
Access-Control-Allow-Headers: x-requested-with, authorization, content-type, Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Strict-Transport-Security: max-age=15768000; includeSubDomains; always
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (906), with no line terminators
Size:   687
Md5:    66d18955d3772dc257263ee4acba938f
Sha1:   45b812aee9a2f91199c57574757ceaae29d2114e
Sha256: be90737b9abc236aecc077f8496f1c3c31ea323556ca3059e259ca2fb172f89a
                                        
                                            GET /ws-xmpp HTTP/1.1 
Host: msg.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.kitakits.com
Sec-WebSocket-Protocol: xmpp
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QymX1N5gUxo+RseViuMvpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         3.226.23.218
HTTP/1.1 101 Switching Protocols
                                        
connection: Upgrade
Sec-WebSocket-Protocol: xmpp
upgrade: websocket
sec-websocket-accept: /uIHv8Eygu3Hs72PxkhU3LmDLZ8=

                                        
                                            OPTIONS /ic-server/ic-server/token HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,x-sonetel-lang,x-sonetel-referrer
Referer: https://www.kitakits.com/
Origin: https://www.kitakits.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,Content-Range,Range,x-sonetel-lang,x-sonetel-referrer
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=15768000; includeSubDomains; always

                                        
                                            OPTIONS /p-api/participant/6ae0fc6c-24aa-4a2a-89f9-c2567f69b396?fields=profile HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,x-sonetel-lang,x-sonetel-referrer
Referer: https://www.kitakits.com/
Origin: https://www.kitakits.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,Content-Range,Range,x-sonetel-lang,x-sonetel-referrer
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=15768000; includeSubDomains; always

                                        
                                            OPTIONS /settings/account/207238176/cs/chat-widget HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,x-sonetel-lang,x-sonetel-referrer
Referer: https://www.kitakits.com/
Origin: https://www.kitakits.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Tue, 29 Nov 2022 06:37:12 GMT
Cache-Control: max-age=120
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,Content-Range,Range,x-sonetel-lang,x-sonetel-referrer
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=15768000; includeSubDomains; always

                                        
                                            GET /p-api/participant/6ae0fc6c-24aa-4a2a-89f9-c2567f69b396?fields=profile HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sonetel-Referrer: https://www.kitakits.com/cg/v3/chaseonline-login.php
X-Sonetel-Lang:
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.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.V0Fm6t_tx8C921nDOeTJjdqYO20_lzHaqtUY0H9WP9t84PX-JfFv69dQyp8qPFE5yDY84DP13wyj0sbvgzkTWtO97wQd2sy-85lybaOWTEaM5AjkEjnn8jiVvcUerDuK_hh5gj-pN54Qb3Zym_QsF6ralKq44alXkRFRru8VluWb2agyzrveo0QLKkczJKYzGqQFQWBDEPgsG3VsOvJdg8AYr8DrsPV8Kth4ADsKVJR4yKlNocy8XLqfZ5KRNyqscODxRjqCKe943EpYGDLdchn8CsRWPN2jN_kZvXvx-Y34TubzDKK1PgsUTIe-jeDl2Ey9Aj9YqY0iUSg2-fLEcQ
Origin: https://www.kitakits.com
Connection: keep-alive
Referer: https://www.kitakits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: participant-api:beta:9019
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Strict-Transport-Security: max-age=15768000; includeSubDomains; always
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (577), with no line terminators
Size:   329
Md5:    007ca0f50dbc92aba7aa51f5d2d5b37c
Sha1:   3c8359a9b3e0fb26a2103dc26f684ea14d6dc6d5
Sha256: 7232256aecb36d0ec6f014dc849d898741994cb48d893d0fd094c9ad97134892
                                        
                                            GET /ic-server/ic-server/token HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sonetel-Referrer: https://www.kitakits.com/cg/v3/chaseonline-login.php
X-Sonetel-Lang:
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJwYXJ0aWNpcGFudF9qaWQiOiI2YWUwZmM2Yy0yNGFhLTRhMmEtODlmOS1jMjU2N2Y2OWIzOTZAZXUwMS5zb25ldGVsLmNvbSIsImF1ZCI6ImFwaS5zb25ldGVsLmNvbSIsInNjb3BlIjpbInBhcnRpY2lwYW50LnJlYWQiLCJwYXJ0aWNpcGFudC53cml0ZSIsImNvbnZlcnNhdGlvbi5yZWFkIiwiY29udmVyc2F0aW9uLndyaXRlIl0sInBhcnRpY2lwYW50X2lkIjoiNmFlMGZjNmMtMjRhYS00YTJhLTg5ZjktYzI1NjdmNjliMzk2IiwiaXNzIjoiU29uZXRlbE5vZGUxMjMiLCJleHAiOjE2NzA5OTk3MTEsImlhdCI6MTY2OTcwMzcxMSwiY2xpZW50X2lkIjoic29uZXRlbC13ZWIiLCJhY2NfaWQiOjIwNzIzODE3NiwianRpIjoiMTVmN2M5ZmItZDZmMS00NGMzLTgxMmQtZmYwNTM1NDIzZmVlIn0.V0Fm6t_tx8C921nDOeTJjdqYO20_lzHaqtUY0H9WP9t84PX-JfFv69dQyp8qPFE5yDY84DP13wyj0sbvgzkTWtO97wQd2sy-85lybaOWTEaM5AjkEjnn8jiVvcUerDuK_hh5gj-pN54Qb3Zym_QsF6ralKq44alXkRFRru8VluWb2agyzrveo0QLKkczJKYzGqQFQWBDEPgsG3VsOvJdg8AYr8DrsPV8Kth4ADsKVJR4yKlNocy8XLqfZ5KRNyqscODxRjqCKe943EpYGDLdchn8CsRWPN2jN_kZvXvx-Y34TubzDKK1PgsUTIe-jeDl2Ey9Aj9YqY0iUSg2-fLEcQ
Origin: https://www.kitakits.com
Connection: keep-alive
Referer: https://www.kitakits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: icserver:beta:9002
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Strict-Transport-Security: max-age=15768000; includeSubDomains; always
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1210), with no line terminators
Size:   371
Md5:    27f1fd140a2380e348ee53a07cbe3364
Sha1:   dc5e48c9c31d78dda0d929fa0f432998b2dbe846
Sha256: e43e5866f5a6e95e9c8269ab56950496ef9aa1aa128795376bcad52ed940e13f
                                        
                                            GET /settings/account/207238176/cs/chat-widget HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sonetel-Referrer: https://www.kitakits.com/cg/v3/chaseonline-login.php
X-Sonetel-Lang:
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.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.V0Fm6t_tx8C921nDOeTJjdqYO20_lzHaqtUY0H9WP9t84PX-JfFv69dQyp8qPFE5yDY84DP13wyj0sbvgzkTWtO97wQd2sy-85lybaOWTEaM5AjkEjnn8jiVvcUerDuK_hh5gj-pN54Qb3Zym_QsF6ralKq44alXkRFRru8VluWb2agyzrveo0QLKkczJKYzGqQFQWBDEPgsG3VsOvJdg8AYr8DrsPV8Kth4ADsKVJR4yKlNocy8XLqfZ5KRNyqscODxRjqCKe943EpYGDLdchn8CsRWPN2jN_kZvXvx-Y34TubzDKK1PgsUTIe-jeDl2Ey9Aj9YqY0iUSg2-fLEcQ
Origin: https://www.kitakits.com
Connection: keep-alive
Referer: https://www.kitakits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Expires: Tue, 29 Nov 2022 06:37:13 GMT
X-Frame-Options: DENY
X-Application-Context: settings:beta:9006
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Strict-Transport-Security: max-age=15768000; includeSubDomains; always
Cache-Control: max-age=120, public
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1174), with no line terminators
Size:   638
Md5:    3879911a19cae155279472a522873fbc
Sha1:   6ec587088e727aad9e1fd344de37f1b5c0ca0712
Sha256: ca5d7fa4af0ff19d1bea2fcd160d1b21ae8882eede473c3100e766934c81cc63
                                        
                                            OPTIONS /ingestion/event HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-sonetel-lang,x-sonetel-referrer
Referer: https://www.kitakits.com/
Origin: https://www.kitakits.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:13 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,Content-Range,Range,x-sonetel-lang,x-sonetel-referrer
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=15768000; includeSubDomains; always

                                        
                                            POST /ingestion/event HTTP/1.1 
Host: beta-api.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sonetel-Referrer: https://www.kitakits.com/cg/v3/chaseonline-login.php
X-Sonetel-Lang:
Content-Type: application/json;charset=utf-8
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.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.V0Fm6t_tx8C921nDOeTJjdqYO20_lzHaqtUY0H9WP9t84PX-JfFv69dQyp8qPFE5yDY84DP13wyj0sbvgzkTWtO97wQd2sy-85lybaOWTEaM5AjkEjnn8jiVvcUerDuK_hh5gj-pN54Qb3Zym_QsF6ralKq44alXkRFRru8VluWb2agyzrveo0QLKkczJKYzGqQFQWBDEPgsG3VsOvJdg8AYr8DrsPV8Kth4ADsKVJR4yKlNocy8XLqfZ5KRNyqscODxRjqCKe943EpYGDLdchn8CsRWPN2jN_kZvXvx-Y34TubzDKK1PgsUTIe-jeDl2Ey9Aj9YqY0iUSg2-fLEcQ
Content-Length: 752
Origin: https://www.kitakits.com
Connection: keep-alive
Referer: https://www.kitakits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.193.235.220
HTTP/1.1 202
Content-Type: application/json;charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 06:35:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Application-Context: gourmand:beta:9032
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   123
Md5:    438e96601dadd25cf7ea52b3fcbbdcc4
Sha1:   27763b1a123550eaa42991202190cbfb2d5fc414
Sha256: 6273f3053c27820fbd205fee1c142fa875fc13a0b6e95393aeeb5e4a777a5533
                                        
                                            GET /templates/assets/Icons/ChatButtonBlack.png HTTP/1.1 
Host: widget.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         143.204.55.68
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1718
last-modified: Wed, 19 Dec 2018 07:43:36 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 5Bl435sQEgEVPtzHEIo52GVEogO3ooSa
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 06:35:14 GMT
etag: "01dbb2d4397b6b1b77b7017d77768aee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oq40_-0fq6qmilKfteCzKOe_F6DBzShLu9R67W_kuhiZWspDjIiJaA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 152 x 132, 8-bit colormap, non-interlaced\012- data
Size:   1718
Md5:    01dbb2d4397b6b1b77b7017d77768aee
Sha1:   a1271d8ce75f6167edee934d0f2f81a73baa54ff
Sha256: 16c558383aa1845c31d90434aa109dcf434c2433adb44561f3b97a7a1ea45472
                                        
                                            GET /cg/v3/chaseonline-login.php HTTP/1.1 
Host: www.kitakits.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         65.60.35.102
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.kitakits.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 06:35:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /SonetelWidget.min.js HTTP/1.1 
Host: widget.sonetel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kitakits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         143.204.55.68
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 03 Oct 2022 10:08:40 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-s3b-last-modified: 20220930T211830Z
x-amz-version-id: IrcPI9GwfECVXHDX6zXCpsAS51wW1utH
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 06:35:09 GMT
etag: W/"665910f5bfe7d466cdae8f052fe478d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f6p5CgEAm6697vV1PaxfHPNrxbpimGsgOFGRYG0PJPn7PXffSXgLzQ==
age: 25
X-Firefox-Spdy: h2


--- Additional Info ---