Report - www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/

Report Overview

Submitted URL
www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 10:37:52
Access
public
Website Title
Sevyn Streeter to headline Rochester's Juneteenth festival – RochesterFirst - MRC Online
Final URL
www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
coordinatereopen.com	unknown	unknown	No data	No data	493 B	467 B	172.240.108.76
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-07	896 B	210 kB	45.133.44.10
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-07	741 B	423 B	192.243.61.225
www.six-mile-ranch.ca	unknown	unknown	No data	No data	8.9 kB	373 kB	188.114.96.1
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-07	338 B	942 B	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-08	1.5 kB	1.0 kB	52.29.105.35
secure.gravatar.com	1671	2004-07-15	2012-05-22	2024-05-07	951 B	3.9 kB	192.0.73.2
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	554 B	3.2 kB	142.250.74.106
i0.wp.com	3021	1997-03-28	2013-09-17	2024-05-07	620 B	26 kB	192.0.77.2
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	1.1 kB	48 kB	142.250.74.99
heedlessplanallusion.com	unknown	2023-09-18	2023-09-18	2024-01-17	447 B	13 kB	172.240.108.76
shapedcongest.com	unknown	unknown	No data	No data	1.4 kB	34 kB	192.243.59.13
intelligenceconcerning.com	unknown	2024-05-06	2024-05-07	2024-05-07	3.6 kB	37 kB	172.240.108.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	heedlessplanallusion.com	Sinkholed
2024-05-08	medium	intelligenceconcerning.com	Sinkholed
2024-05-08	medium	shapedcongest.com	Sinkholed
2024-05-08	medium	intelligenceconcerning.com	Sinkholed
2024-05-08	medium	shapedcongest.com	Sinkholed
2024-05-08	medium	intelligenceconcerning.com	Sinkholed
2024-05-08	medium	coordinatereopen.com	Sinkholed
2024-05-08	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	www.six-mile-ranch.ca/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711014324	11 kB	2024-01-21	2024-05-19
Pretty URL www.six-mile-ranch.ca/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711014324 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-21 19:52:24 Last Seen2024-05-19 20:14:09 Times Seen691 Hash 91954b488a9bfcade528d6ff5c7ce83f edf589eb28247c73ccc04e5b34ad107b90bd1b2e 6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e Loading...

	unknown	3.3 kB	2024-05-08	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:00 Times Seen1 Hash 416de2f4378b675d59f37c81b134c8ce 0b35ded6c3ede2cba3f0de3bfd3fdb8a66cc9eea 0ea6be82e1e93a35305062dcd56a866050a3b6bced280e606d6e06e1a2b15bf5 Loading...

	heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js	31 kB	2024-05-08	2024-05-08
Pretty URL heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:01 Times Seen2 Hash b3a89c5cdfeee80bf44d510794a5ccbe 54602170469f7f58f307cf734753b45c8848ad01 ac13cba96a01d774dbcf6acf6bba774735adb83073c2fbdb66204423a946130e Loading...

	www.six-mile-ranch.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3	19 kB	2024-03-13	2024-05-19
Pretty URL www.six-mile-ranch.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-19 21:09:52 Times Seen5362 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/	3.3 kB	2024-05-08	2024-05-10
Pretty URL www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-10 06:07:34 Times Seen2 Hash addf73b5a8e77cf2884bf0811c51f176 523ef9e9c7932788401844a78347ead4046ad8a3 79e32d762b4d2ab06fa0d9ba2c7cb9f7cb75cd2dc0b16ba2d14cb1f3a42080fd Loading...

	www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/	372 B	2024-04-26	2024-05-11
Pretty URL www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 23:59:43 Last Seen2024-05-11 19:07:47 Times Seen13 Hash c8c3e0ac92321ac255220144febf7214 3d0836fda61dff9850273563d0bccb0c4c60f885 a5a1763d6bde3c83d3396c11cc6d3541147fad4ef4abaf46f2be03e9a555094c Loading...

	www.six-mile-ranch.ca/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.4	507 B	2024-03-22	2024-05-19
Pretty URL www.six-mile-ranch.ca/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.4 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 15:26:50 Last Seen2024-05-19 15:54:46 Times Seen46 Hash 7400be6825870bab4c9b079e24e0132d 394e6d8296d3cee3628a106d7e091f066c606af8 8b9e686457dcdbe229329076432ea1239d05c3d4411f89bcebf0951bbf00ff6d Loading...

	www.six-mile-ranch.ca/wp-includes/js/comment-reply.min.js?ver=6.5.3	3.0 kB	2023-03-07	2024-05-19
Pretty URL www.six-mile-ranch.ca/wp-includes/js/comment-reply.min.js?ver=6.5.3 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-19 21:48:50 Times Seen30419 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	www.six-mile-ranch.ca/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.3	1.0 kB	2023-03-07	2024-05-19
Pretty URL www.six-mile-ranch.ca/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.3 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:21 Last Seen2024-05-19 15:54:46 Times Seen806 Hash 110e06930c2043d5439adeb9999f07f5 1294fd7195b1c2652c3627fe7a57f71d447313b3 d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767 Loading...

	www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/	98 B	2024-04-10	2024-05-11
Pretty URL www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35:03 Last Seen2024-05-11 19:07:47 Times Seen30 Hash 943d0828305b7fffcee63720ab297353 0af67ef5eeb188730502b4885f171e4c343fb22e ac5930440fe8be9005bae09ce1c2e9458c90f7428bcd7c7eb0191df1e90c71d6 Loading...

	heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js	31 kB	2024-05-08	2024-05-08
Pretty URL heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:00 Times Seen1 Hash 4762010bcfd089aa3b399fe8c3274d1b bc243b19806c4f8ae13139fffa9537da37c64b93 adf8f42b0929ee7e6cf3c44ff092a2dc6c5fcfb9bf701d451b6ae05a25ffd74f Loading...

	unknown	145 B	2024-04-26	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 23:59:43 Last Seen2024-05-11 19:07:47 Times Seen13 Hash ddf7646fb83712fc2a5917b331362732 72023e439ff21a3e12309e3cdb31e4e1eb46c54a 1714c05c3fae3df1aa46a9548768aaf477efdecd15bcc94dcc52e53baa0c08bc Loading...

	www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/	424 B	2024-05-08	2024-05-10
Pretty URL www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-10 06:07:34 Times Seen2 Hash eb958c1679533a8ed8a8c13ffdd55537 c137c5c65f961b1392deeb5cf75d2bc2623a3761 6a99af0ea66a438c9b4d660dd1375aa97248f385b8b96b1804ad67f54f041097 Loading...

	www.six-mile-ranch.ca/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1	226 kB	2023-03-10	2024-05-10
Pretty URL www.six-mile-ranch.ca/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:06:00 Last Seen2024-05-10 06:07:35 Times Seen51 Hash 64d0a6a2e8a55009812de758a7028571 a350345d93d3d825848be66b4f42e29b1de35bf6 663e5684a7acd3bbe38304a9420b104f3ea052acd60564c40b86185ff1779885 Loading...

	www.six-mile-ranch.ca/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1	3.3 kB	2024-05-08	2024-05-10
Pretty URL www.six-mile-ranch.ca/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 07:57:20 Last Seen2024-05-10 06:07:35 Times Seen4 Hash 1c1708d574b2191e39d1b0d6cd4ac3f3 6ec172a6e919e525d37d386fa7da79941992c279 7b4f9d14c07fcb7e61e1aaee43c746bc88dfc1e16eca20a9f4f0724721e30913 Loading...

	www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/	87 B	2023-03-07	2024-05-19
Pretty URL www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:26 Last Seen2024-05-19 20:14:08 Times Seen6339 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/	255 B	2024-05-08	2024-05-08
Pretty URL www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:00 Times Seen1 Hash 270cffce1945262e30b20718f1035a02 1c955b6dc515c1fa9f4a0369566b4b5280e6f2d0 e74d5c6cd35ed2d2b9e7025e53a5326d3ba8482edeb27b428de64780f43196cf Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	intelligenceconcerning.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js	84 kB	2024-05-08	2024-05-08
Pretty URL intelligenceconcerning.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:01 Times Seen2 Hash bbce594570a601cc484ead9ae865ebfb 4324cc2fe8422527552118b0b5416778e27daa58 bc4c3e9c9eef6834751ea954cd8e6a7227b6ddf5b141e9368434530efaae5452 Loading...

	shapedcongest.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js	84 kB	2024-05-08	2024-05-08
Pretty URL shapedcongest.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:01 Times Seen2 Hash d07f99ddde42e01d88ba3574dc3ef691 e1d02db5c8437a3e55501710bc0a4f56c65367a7 baff1a0124d383fa105e5d3295f55245acfb588a25cb2fa9d16b8ceac269eb58 Loading...

	unknown	3.3 kB	2024-05-08	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:00 Times Seen1 Hash 5d192e79c04e69e52e2d1c2da2479c42 11c6971d61f3d20e953f791ce0125772ea71cf46 ad05b6b09f73f4002c294ff95d64a6680ca28a46a23e0dbe652f06a8b90c83d8 Loading...

	www.six-mile-ranch.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-05-19
Pretty URL www.six-mile-ranch.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-19 21:09:51 Times Seen49131 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	www.six-mile-ranch.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	14 kB	2023-05-09	2024-05-19
Pretty URL www.six-mile-ranch.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-19 21:09:51 Times Seen87645 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/	395 B	2023-03-11	2024-05-10
Pretty URL www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 14:04:45 Last Seen2024-05-10 06:07:35 Times Seen21 Hash 672d106ab2384e770f1ad8a0c5e1a814 a89705d31b66ab51d6a6eea3ccd7d6046bcbd72f a422b9a7e051a4965fe788ab3086d8b0ec19cc372607ba929542dbd213c1db47 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 39d2d8a826867ae60e8eb9c45029af1d	2.1 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 12:38:00 Last Seen2024-05-08 12:38:01 Times Seen1 Hash 39d2d8a826867ae60e8eb9c45029af1d cb8c32c61491e9dd0bf37a26cf9c7b4122ec894e 5fd2cb414c0de9b1cfb178d971d482bc8b21bd8960988b4d7d13aa9c026710e9 Loading...

	#2 Eval - 20991e2e414b9cc0888245a9d77e8eba	2.1 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 12:38:01 Last Seen2024-05-08 12:38:01 Times Seen1 Hash 20991e2e414b9cc0888245a9d77e8eba d6c347b320326875b408376d3816229dc8116bed 55dc748efc981654739c1972d3421e9e4e46fe8147d4a70b4034e872d3ceb5ea Loading...

		Size	First Seen	Last Seen
	#1 Write - 818b6b129690c0e47bb408865b7f30de	116 B	2024-04-26	2024-05-11
Pretty Observations First Seen2024-04-26 23:59:44 Last Seen2024-05-11 19:07:47 Times Seen13 Hash 818b6b129690c0e47bb408865b7f30de 8723f5326ad6350069a8d6cdc6a32f0969937581 4c732d6c2f5f6950e3768f6c873d21b38427ce2eb6e4c967a9478e1e7238e45e Loading...

HTTP Transactions (35)

URL IP Response Size

www.six-mile-ranch.ca/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
22 kB (22528 bytes)
Hash
d39c26cf9a6a4eefab9832a20f1ff5fc
7d58e1c7c1d29203ef8efc9aeffd7e67eeaf6e32
077dfd9a39946d218e3052428a9281909f7ae77142e35f2b3e9eeb60a0bf4b2c

HTTP Headers

GET /wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Mon, 29 Apr 2024 03:30:02 GMT
etag: W/"25208-662a0abc-5aa175;br"
last-modified: Thu, 25 Apr 2024 07:48:12 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OB0SR1N7RS4qKO4Kh%2FoWRBMKgNZ6E3KqgUpLYBEToeygEsHd12X0kmhOLFKS0CDxos9EcKdIRAocJJRddKo%2F2DMH1xfgJfh2GHJIehW8V6WxNl%2FVMrpubHDiwypZOZSMPHv12VcQr4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07facb20b55-OSL
content-encoding: br

fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext

142.250.74.106

2.6 kB

URL
fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
2.6 kB (2600 bytes)
Hash
f2087f8d4aede0acda2b6ea73dbf15f2
fea921630762ba14dc881b4d8540156f8510bef1
5654fe591fac09205ea9aa04b4892163490944dcb452cf0739a143542942846e

HTTP Headers

GET /css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 10:37:26 GMT
date: Wed, 08 May 2024 10:37:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i0.wp.com/c104216-ucdn.mp.lura.live/expiretime=2082787200/6c71704f1e32073a0bfc2d5deb4bade50bc87d65258d803e8822278134674fbc/iupl_lin/074/DA5/074DA5DAFF8E20DD50D39EF54ED24849.jpg?w=1920&resize=1920,600&ssl=1

192.0.77.2

25 kB

URL
i0.wp.com/c104216-ucdn.mp.lura.live/expiretime=2082787200/6c71704f1e32073a0bfc2d5deb4bade50bc87d65258d803e8822278134674fbc/iupl_lin/074/DA5/074DA5DAFF8E20DD50D39EF54ED24849.jpg?w=1920&resize=1920,600&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x600, Scaling: [none]x[none], YUV color, decoders should clamp
Size
25 kB (25412 bytes)
Hash
02cd7ea90cb76b8b03b84c027a3ed797
655dc34a233c85ed449f640a392159baf700cd6d
7da6f4631b8f776be29d91d4a6127e78eca085f3b12deee47b15f12260894745

HTTP Headers

GET /c104216-ucdn.mp.lura.live/expiretime=2082787200/6c71704f1e32073a0bfc2d5deb4bade50bc87d65258d803e8822278134674fbc/iupl_lin/074/DA5/074DA5DAFF8E20DD50D39EF54ED24849.jpg?w=1920&resize=1920,600&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 10:37:26 GMT
content-type: image/webp
content-length: 25412
last-modified: Wed, 08 May 2024 10:37:26 GMT
expires: Fri, 08 May 2026 22:37:26 GMT
cache-control: public, max-age=63115200
link: <https://c104216-ucdn.mp.lura.live/expiretime=2082787200/6c71704f1e32073a0bfc2d5deb4bade50bc87d65258d803e8822278134674fbc/iupl_lin/074/DA5/074DA5DAFF8E20DD50D39EF54ED24849.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "880365f308c969f9"
vary: Accept
x-nc: MISS arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.99

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.six-mile-ranch.ca
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:17:17 GMT
expires: Fri, 02 May 2025 23:17:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 472809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js

172.240.108.76

200 OK

12 kB

URL GET HTTP/1.1
heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectheedlessplanallusion.com
Fingerprint22:FE:62:81:B7:05:16:32:08:5A:33:B1:A4:DE:C2:EC:39:69:1B:DB
ValiditySun, 17 Mar 2024 07:41:47 GMT - Sat, 15 Jun 2024 07:41:46 GMT

File type
JavaScript source, ASCII text, with very long lines (31342), with no line terminators
Size
12 kB (11868 bytes)
Hash
b3a89c5cdfeee80bf44d510794a5ccbe
54602170469f7f58f307cf734753b45c8848ad01
ac13cba96a01d774dbcf6acf6bba774735adb83073c2fbdb66204423a946130e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d3b448e547be241c68efc985e24dcc2/invoke.js HTTP/1.1
Host: heedlessplanallusion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 10:37:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 73ee7d1ca9c53b22268da28f3937c74e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3a1e61864f6877260287982fa7e36085
6d426b2327915af4f120ff6b18ebd20ed03c2a2b
9ee2ee3f0b60937becb4aa057c348332dd277e32b268f5c0ea260c0d2a2af498

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 10:37:27 GMT
Last-Modified: Wed, 08 May 2024 09:11:32 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MJmvu_ov0TmtXTuYd2Vd2D0WT9KagUBSd5wSrmGQxlYp6KKcTP-Erg==
Age: 5155

www.six-mile-ranch.ca/wp-includes/js/comment-reply.min.js?ver=6.5.3

188.114.96.1

200 OK

13 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-includes/js/comment-reply.min.js?ver=6.5.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
ASCII text, with very long lines (2946)
Size
13 kB (13159 bytes)
Hash
492f2c1a7ea7eb83fe42e0ff7cb51aa2
db36a77f6aaa2063bfbec02c2c0e967438c5a245
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.5.3 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/javascript
etag: W/"ba5-65f308ae-2797b3;br"
last-modified: Thu, 14 Mar 2024 14:24:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=drvltyXPlSQWKkKamgaZEbEwuzpGPJqt1mzb%2B4i5QgY871jzUCDo2Esm02enyH97ZGtfgWC5r05yQSoBbiykyY59fb9uIHuntVSLg6Oe3gYxxEthug5XmoVuK6cXWf20JpMy1pkhiOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fccd50b55-OSL
content-encoding: br

proftrafficcounter.com/stats

52.29.105.35

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.105.35:443
ASN
#16509 AMAZON-02

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1b7c815ec52e7efbb985516bcfb4326e
9457c2393c7bd5a5dd84d5eeabd16ea4c0627916
a687bde53e2f0fe82004454e7386fe22f74a1c551611341cb36e6be7a112988f

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.six-mile-ranch.ca
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 10:37:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.six-mile-ranch.ca
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4dc5784b-62d8-4866-9313-446b9250fb74:2:1; expires=Sat, 06 May 2034 10:37:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.29.105.35

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.105.35:443
ASN
#16509 AMAZON-02

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1b7c815ec52e7efbb985516bcfb4326e
9457c2393c7bd5a5dd84d5eeabd16ea4c0627916
a687bde53e2f0fe82004454e7386fe22f74a1c551611341cb36e6be7a112988f

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.six-mile-ranch.ca
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Cookie: uid_id2=4dc5784b-62d8-4866-9313-446b9250fb74:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 10:37:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.six-mile-ranch.ca
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

www.six-mile-ranch.ca/wp-content/themes/newspaperss/fonts/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

188.114.96.1

200 OK

77 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/themes/newspaperss/fonts/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/newspaperss/fonts/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:27 GMT
content-type: font/woff2
content-length: 77160
cache-control: public, max-age=43200
expires: Mon, 29 Apr 2024 03:36:25 GMT
etag: "12d68-662a0abc-62713b;;;"
last-modified: Thu, 25 Apr 2024 07:48:12 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 19298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bc0pCXu4XP3HN459yiyZQbf3DXntoXGVY7%2FjJp9MhAgZgUMSbNw8ZGDmwlZJgcDP8l8y3km8u1Cne%2Bjhw0ZY6M8XqirrclNZWuRxSjF%2Bs2iaIJG7fBxuK9rSoQVXYQjD3VgOjDwT7kY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8808d0887cf10b55-OSL

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.99

23 kB

URL
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.six-mile-ranch.ca
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:06:03 GMT
expires: Fri, 02 May 2025 02:06:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 549084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

intelligenceconcerning.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js

172.240.108.76

30 kB

URL
intelligenceconcerning.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30407 bytes)
Hash
bbce594570a601cc484ead9ae865ebfb
4324cc2fe8422527552118b0b5416778e27daa58
bc4c3e9c9eef6834751ea954cd8e6a7227b6ddf5b141e9368434530efaae5452

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js HTTP/1.1
Host: intelligenceconcerning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 10:37:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3cb6cc4169271588ecdcfd316859c429
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

52.29.105.35

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.105.35:443
ASN
#16509 AMAZON-02

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1b7c815ec52e7efbb985516bcfb4326e
9457c2393c7bd5a5dd84d5eeabd16ea4c0627916
a687bde53e2f0fe82004454e7386fe22f74a1c551611341cb36e6be7a112988f

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.six-mile-ranch.ca
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Cookie: uid_id2=4dc5784b-62d8-4866-9313-446b9250fb74:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 10:37:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.six-mile-ranch.ca
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

shapedcongest.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js

192.243.59.13

200 OK

30 kB

URL GET HTTP/1.1
shapedcongest.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30392 bytes)
Hash
d07f99ddde42e01d88ba3574dc3ef691
e1d02db5c8437a3e55501710bc0a4f56c65367a7
baff1a0124d383fa105e5d3295f55245acfb588a25cb2fa9d16b8ceac269eb58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 08 May 2024 10:37:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b676ff94ca9639ab83aa3452bb55f16a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

intelligenceconcerning.com/watch.1649074185275.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&tz=0&dev=e&res=14.2071&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1

172.240.108.76

0 B

URL
intelligenceconcerning.com/watch.1649074185275.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&tz=0&dev=e&res=14.2071&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1649074185275.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&tz=0&dev=e&res=14.2071&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1 HTTP/1.1
Host: intelligenceconcerning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.six-mile-ranch.ca
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 08 May 2024 10:37:28 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.six-mile-ranch.ca
Access-Control-Allow-Origin: https://www.six-mile-ranch.ca
Access-Control-Allow-Credentials: true
Location: https://intelligenceconcerning.com/watch.1649074185275.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&pst=1715164708&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&res=14.2071&rmtc=t&shu=318f6915db21bd56b1808b52fb3f2d92ed93dc12b99284b7033e5ac163079524bed99024b0993acc635b45bfd743f09675db7bb98306d998d66ceb9c375d07dd489c1e23b70c31c42cac6d9f3add6f4c196d01d2177fed08d7fcd424e0b1&tz=0&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1
Set-Cookie: u_pl=16664818; expires=Thu, 09 May 2024 10:37:28 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zaXgtbWlsZS1yYW5jaC5jYS9zcC1uZXdzLzIwMjQvMDUvMDgvc2V2eW4tc3RyZWV0ZXItdG8taGVhZGxpbmUtcm9jaGVzdGVycy1qdW5ldGVlbnRoLWZlc3RpdmFsLXJvY2hlc3RlcmZpcnN0LyIsImFyIjpbXX19.YNJoG-IAy2Dwgm1CV3ERzB3bAag4G91_bltWht-Aq3Q; expires=Wed, 08 May 2024 10:38:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75cc10d7c45d798d9aaf58a8e9a4563d
Strict-Transport-Security: max-age=0; includeSubdomains

shapedcongest.com/watch.1182072946737.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&tz=0&dev=e&res=14.2071&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1

192.243.59.13

0 B

URL
shapedcongest.com/watch.1182072946737.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&tz=0&dev=e&res=14.2071&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1182072946737.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&tz=0&dev=e&res=14.2071&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1 HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.six-mile-ranch.ca
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 08 May 2024 10:37:28 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.six-mile-ranch.ca
Access-Control-Allow-Origin: https://www.six-mile-ranch.ca
Access-Control-Allow-Credentials: true
Location: https://shapedcongest.com/watch.1182072946737.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&pst=1715164708&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&res=14.2071&rmtc=t&shu=cf8544be411e8fbe31c3b19c2cc651ce7257f3a78b5e26a4917848d4f0094be7a1af2964dd21489acba58f9a068af2d7cdc6e207ac39b9606b216275afcfce0f0dba7dd4f3792857313ada6b906f566e32f1a3&tz=0&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1
Set-Cookie: u_pl=16664818; expires=Thu, 09 May 2024 10:37:28 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zaXgtbWlsZS1yYW5jaC5jYS9zcC1uZXdzLzIwMjQvMDUvMDgvc2V2eW4tc3RyZWV0ZXItdG8taGVhZGxpbmUtcm9jaGVzdGVycy1qdW5ldGVlbnRoLWZlc3RpdmFsLXJvY2hlc3RlcmZpcnN0LyIsImFyIjpbXX19.YNJoG-IAy2Dwgm1CV3ERzB3bAag4G91_bltWht-Aq3Q; expires=Wed, 08 May 2024 10:38:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba425e038f780c44e89f491d033ede2e
Strict-Transport-Security: max-age=0; includeSubdomains

intelligenceconcerning.com/watch.1649074185275.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&pst=1715164708&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&res=14.2071&rmtc=t&shu=318f6915db21bd56b1808b52fb3f2d92ed93dc12b99284b7033e5ac163079524bed99024b0993acc635b45bfd743f09675db7bb98306d998d66ceb9c375d07dd489c1e23b70c31c42cac6d9f3add6f4c196d01d2177fed08d7fcd424e0b1&tz=0&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1

172.240.108.76

200 OK

2.0 kB

URL GET HTTP/1.1
intelligenceconcerning.com/watch.1649074185275.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&pst=1715164708&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&res=14.2071&rmtc=t&shu=318f6915db21bd56b1808b52fb3f2d92ed93dc12b99284b7033e5ac163079524bed99024b0993acc635b45bfd743f09675db7bb98306d998d66ceb9c375d07dd489c1e23b70c31c42cac6d9f3add6f4c196d01d2177fed08d7fcd424e0b1&tz=0&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectintelligenceconcerning.com
FingerprintC0:A5:42:A6:FF:2A:A2:5A:B8:05:95:E6:77:40:C1:82:5F:95:09:51
ValidityMon, 06 May 2024 08:11:10 GMT - Sun, 04 Aug 2024 08:11:09 GMT

File type
JavaScript source, ASCII text, with very long lines (2468)
Size
2.0 kB (2003 bytes)
Hash
ad365de04cecaaa953b82eb15ff802e7
7a7bab2b9431ea5f8f3298074c9dbb9772ba083a
3bdf00a087e0d7cf879e7d6fb3529023cd58c8692ef55709c50c5accdb310e14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1649074185275.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22sevyn%22%2C%22streeter%22%2C%22to%22%2C%22headline%22%2C%22rochester%22%2C%22s%22%2C%22juneteenth%22%2C%22festival%22%2C%22%E2%80%93%22%2C%22rochesterfirst%22%2C%22-%22%2C%22mrc%22%2C%22online%22%5D&pst=1715164708&refer=https%3A%2F%2Fwww.six-mile-ranch.ca%2Fsp-news%2F2024%2F05%2F08%2Fsevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst%2F&res=14.2071&rmtc=t&shu=318f6915db21bd56b1808b52fb3f2d92ed93dc12b99284b7033e5ac163079524bed99024b0993acc635b45bfd743f09675db7bb98306d998d66ceb9c375d07dd489c1e23b70c31c42cac6d9f3add6f4c196d01d2177fed08d7fcd424e0b1&tz=0&uuid=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1 HTTP/1.1
Host: intelligenceconcerning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.six-mile-ranch.ca
Referer: https://www.six-mile-ranch.ca/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16664818; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zaXgtbWlsZS1yYW5jaC5jYS9zcC1uZXdzLzIwMjQvMDUvMDgvc2V2eW4tc3RyZWV0ZXItdG8taGVhZGxpbmUtcm9jaGVzdGVycy1qdW5ldGVlbnRoLWZlc3RpdmFsLXJvY2hlc3RlcmZpcnN0LyIsImFyIjpbXX19.YNJoG-IAy2Dwgm1CV3ERzB3bAag4G91_bltWht-Aq3Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 10:37:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.six-mile-ranch.ca
Access-Control-Allow-Origin: https://www.six-mile-ranch.ca
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4dc5784b-62d8-4866-9313-446b9250fb74:2:1; expires=Wed, 15 May 2024 10:37:28 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 09 May 2024 10:37:28 GMT; secure; SameSite=None
uncs=1; expires=Thu, 09 May 2024 10:37:28 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 09 May 2024 10:37:28 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 09 May 2024 10:37:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 456335b0fb862362ca118104e9cf4233
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.six-mile-ranch.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3

188.114.96.1

6.9 kB

URL
www.six-mile-ranch.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
6.9 kB (6922 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.3 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:28 GMT
content-type: text/javascript
etag: W/"4926-660cda9f-2797f4;br"
last-modified: Wed, 03 Apr 2024 04:27:11 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hICGec2hsLjyf9v%2FkHEy7x5PFRmd8jzQDPtoHX6h1pxE6Udz0ThSPsc0FB%2FmCOsL9sj9iRhCKFdup1jiv0HPQ%2BTc6TTug4H8BbflHgkFkxchRfn5JAVAIpPEcm0EzvOBatSRuKLjSAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d088dd350b55-OSL
content-encoding: br

coordinatereopen.com/pixel/purst?dl=0&th=0&sc=0&rs=2338&rd=2338&fd=527&bv=24.5.6485&tmpl=136

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
coordinatereopen.com/pixel/purst?dl=0&th=0&sc=0&rs=2338&rd=2338&fd=527&bv=24.5.6485&tmpl=136
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectcoordinatereopen.com
Fingerprint50:B4:D6:69:01:CA:60:05:4D:2C:55:98:1C:68:5D:64:DE:67:14:BD
ValidityMon, 06 May 2024 12:55:45 GMT - Sun, 04 Aug 2024 12:55:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2338&rd=2338&fd=527&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: coordinatereopen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 10:37:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.six-mile-ranch.ca/wp-content/uploads/2024/04/cropped-Screen-Shot-2024-04-28-at-23.35.14-32x32.png

188.114.96.1

754 B

URL
www.six-mile-ranch.ca/wp-content/uploads/2024/04/cropped-Screen-Shot-2024-04-28-at-23.35.14-32x32.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Size
754 B (754 bytes)
Hash
513d877c384225e0dce3e09fdd4fbda1
8af0ff2265d5d07a6e93de77b27acc24c0a2c14a
cbb6c90ca9c960ba2218ed1e96134c9b10e7c6805840bb74360ace52def85ff2

HTTP Headers

GET /wp-content/uploads/2024/04/cropped-Screen-Shot-2024-04-28-at-23.35.14-32x32.png HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1; pp_main_4bbc23a92db768bab73820890bd8fa3d=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:28 GMT
content-type: image/png
content-length: 754
cache-control: public, max-age=43200
expires: Mon, 29 Apr 2024 03:36:13 GMT
etag: "2f2-662e6ce4-3f0ada;;;"
last-modified: Sun, 28 Apr 2024 15:36:04 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLgQwNrMH9FczU0vik%2BOxoaYmYJAN5rZd5kmom0wHaTo3%2Bw6YgvDZtKN%2FaF1QS5%2BjdIdD6mEdKrDPealfF2nzMN7fWZMBaLek0mK6S13nb6oXoXJfdlL6Qt%2F4yzUi7OKjtYxvrha84U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8808d08e499a0b55-OSL

secure.gravatar.com/avatar/8de23714f6330d48377941441b3ed38f?s=140&d=mm&r=g

192.0.73.2

200 OK

1.9 kB

URL GET HTTP/2
secure.gravatar.com/avatar/8de23714f6330d48377941441b3ed38f?s=140&d=mm&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 140x140, components 3
Size
1.9 kB (1890 bytes)
Hash
724711adff838728ee631ff6cf65bb53
c1f01222a22ab2f664ed96a2b2d6d01fd52689e9
266e57f17f36e1539eff8c03e9c1b86b18d83d089c09994a65c5ad8fc2cfa603

HTTP Headers

GET /avatar/8de23714f6330d48377941441b3ed38f?s=140&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 10:37:28 GMT
content-type: image/jpeg
content-length: 1890
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/8de23714f6330d48377941441b3ed38f?s=140&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="8de23714f6330d48377941441b3ed38f.png"
expires: Wed, 08 May 2024 10:42:28 GMT
cache-control: max-age=300
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

www.six-mile-ranch.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

188.114.96.1

200 OK

6.0 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
6.0 kB (5984 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/javascript
etag: W/"3509-65f308ad-2796d9;br"
last-modified: Thu, 14 Mar 2024 14:24:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtJv1fzs44Og5JmvxoTlzrI2feGzP3kyiJaHxql8Se07IEw7OaotyOHR1Crr2CQvEI1V5UAxQqsSniN%2Bw5z0gxVlA48hlrMAzb0oHq1KG0RSKNYMZcYknMjVVmaJMNdgzIpaLADjh%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fbcc40b55-OSL
content-encoding: br

www.six-mile-ranch.ca/wp-content/uploads/2024/04/cropped-Screen-Shot-2024-04-28-at-23.35.14-192x192.png

188.114.96.1

200 OK

8.2 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/uploads/2024/04/cropped-Screen-Shot-2024-04-28-at-23.35.14-192x192.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
PNG image data, 192 x 192, 8-bit grayscale, non-interlaced
Size
8.2 kB (8237 bytes)
Hash
7b2b7b2afe6a2eea8da641796eb32989
75c5179bf4710dd534127af03cd4655e412cf749
f19999b5ccf85d6c28fbbb15c3155ad0d79dda55e5aa0ad621ec879aa1d9148a

HTTP Headers

GET /wp-content/uploads/2024/04/cropped-Screen-Shot-2024-04-28-at-23.35.14-192x192.png HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=4dc5784b-62d8-4866-9313-446b9250fb74%3A2%3A1; pp_main_4bbc23a92db768bab73820890bd8fa3d=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:28 GMT
content-type: image/png
content-length: 8237
cache-control: public, max-age=43200
expires: Mon, 29 Apr 2024 04:33:44 GMT
etag: "202d-662e6ce4-3f0ad8;;;"
last-modified: Sun, 28 Apr 2024 15:36:04 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jl7%2FVBprNwaJp6UlKCBpeLjfBBSXSC9INbXawapub7D2qX6Om9bhCU7scdgrunBqF2o4xom2szRHt6iSnZp21i6l1YokOTA1TiVTXpX4Q2bAa%2F7vWmT0fD9ihW3%2BmF5ka%2BJX%2Bs7VPN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8808d08e39930b55-OSL

cdn.cloudimagesb.com/cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png

45.133.44.10

200 OK

73 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
73 kB (73016 bytes)
Hash
967ccbf525790b3d6e9ca46b436acef7
0351b0b4fab8bc70e1bce3872bc538fc976a7b44
1698a3cc4a295999590b0dd32fb7d21426a94d2578d3d9ebffa4b1b788aca43a

HTTP Headers

GET /cti/a6/98/59/a69859f4eba916402d687172cccc4814/1708072295.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 10:37:28 GMT
content-type: image/png
content-length: 73016
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 08:31:43 GMT
etag: "65cf1d6f-11d38"
expires: Fri, 10 May 2024 10:37:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png

45.133.44.10

200 OK

136 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced
Size
136 kB (136090 bytes)
Hash
11675ef6f5c8559ec0ade47755155665
20df6be038de603b97f849e07460cd0600b34867
4d361374b3e2e4f8de896a1f1014d500ed0802bf028d2c7bbd606f9e87ba88a4

HTTP Headers

GET /cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 10:37:28 GMT
content-type: image/png
content-length: 136090
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 14:51:59 GMT
etag: "6108068f-2139a"
expires: Fri, 10 May 2024 10:37:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=4dc5784b-62d8-4866-9313-446b9250fb74&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=4dc5784b-62d8-4866-9313-446b9250fb74&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=4dc5784b-62d8-4866-9313-446b9250fb74&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 10:37:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e7486eaf3180b8f257634c047b9a5392
Strict-Transport-Security: max-age=0; includeSubdomains

www.six-mile-ranch.ca/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0

188.114.96.1

7.2 kB

URL
www.six-mile-ranch.ca/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
ASCII text, with very long lines (2367), with no line terminators
Size
7.2 kB (7211 bytes)
Hash
79dc2fc9e9be25c4e4b65af78a1cf86a
36b819e4e1c0761f95c86743a307cff518e4c7ef
da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a

HTTP Headers

GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2713
alt-svc: h3=":443"; ma=86400
etag: W/"a99-660daf50-3f1069;br"
expires: Mon, 29 Apr 2024 03:30:02 GMT
last-modified: Wed, 03 Apr 2024 19:34:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 19299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umIVa7An2IZYkGFbkeQVNg%2FLigRJe8LQhEwPSD7pWroDwVq9YDoVcwKJ5SzovKxs7nwGbXLQeyLdVntnHjm%2BSST1R4u%2F%2B22LPKuZXSGl7Ra9REtpK%2F6%2FArbgPNeFLflW%2FljqZ%2B21Hd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07facb00b55-OSL
content-encoding: br

www.six-mile-ranch.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

188.114.96.1

200 OK

88 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/javascript
etag: W/"15601-65f308ae-2796e0;br"
last-modified: Thu, 14 Mar 2024 14:24:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhmrYNmTe1%2FF24b1nJf1tSzvBpsm2LscX%2FqvZdMO6Iaeqiub4jWuWjXF6qqOrHyQ0nJ2cO9cZGv8GLlTDsDGEb7CqOtKWlratDODvWB%2FSfbLnXeQRN9HRLeBum7FdGd%2B6HzuEfSgfAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fbcc10b55-OSL
content-encoding: br

www.six-mile-ranch.ca/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.3

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1092), with no line terminators
Size
1.0 kB (1017 bytes)
Hash
cb9255d8f9b56663038c8fb95c3ccd21
465ae30e920f88dc421d065a348c5f0d75a0af5f
1e1c484d9c4ccc48ff66e0d2e1504fd9e22cb3efdb567b0dd1deeaac5ee0ff21

HTTP Headers

GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.3 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/javascript
etag: W/"3f9-660daf50-3f104a;br"
last-modified: Wed, 03 Apr 2024 19:34:40 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fx%2FAG2iNz2EEWoZ1H8XXyit1LM8L8EBe4a4TLvj9jS%2FXAUcXAEQio2%2B4Rt60ehMDMdJ8iFYC5HkCQNaGovb6zjtny7UNCRstoOOClT14pR3dtoiKHusUUiwLpbilmYNOKBJXMVKSbjg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fbcc50b55-OSL
content-encoding: br

www.six-mile-ranch.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3

188.114.96.1

200 OK

113 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type

Size
113 kB (113381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.3 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Wed, 08 May 2024 14:25:29 GMT
etag: W/"1bae5-660cda9f-3f0a70;br"
last-modified: Wed, 03 Apr 2024 04:27:11 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 19299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJnu0w67f4SGPjiRlxmNMOfADjv%2Bf8BhvSsJvllE5yt4EI0iH%2FNQHS%2Fm3CNaSayXYBAs4q5M5VLUjxbUM%2Bt%2BZqb%2B45F0aMST3O%2FVGbWyM%2BzV4iUYD%2FPeFxknRvHBEMSrjnULqU1zNio%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07facaf0b55-OSL
content-encoding: br

www.six-mile-ranch.ca/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1

188.114.96.1

200 OK

3.3 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
JavaScript source, ASCII text, with very long lines (3421), with no line terminators
Size
3.3 kB (3295 bytes)
Hash
4c5f2b7d3ef3417df6f1b4f23f70fd63
c5d26046202083582e27b074fbd8145e7e6d586d
a5f5ccb7a5084ecacf956958ff039e38d554c22e9fe4776ad3582b47d115a080

HTTP Headers

GET /wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/javascript
etag: W/"cdf-662a0abd-6272ef;br"
last-modified: Thu, 25 Apr 2024 07:48:13 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JaqVGMkCO1nyLmRhyPSac%2B9fTzFOdqcSXag6S4xkRgUBYaLEk0MOS2HaCULRTVbrIpytRXXMVksQSQ0PXpHe%2FbGUx%2BbxkP4uvL4qWfY%2FK0VsM%2BTdKK88rqgoKHUe41XQRLKwCMNOM%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fbcc70b55-OSL
content-encoding: br

secure.gravatar.com/avatar/8de23714f6330d48377941441b3ed38f?s=40&d=mm&r=g

192.0.73.2

200 OK

983 B

URL GET HTTP/2
secure.gravatar.com/avatar/8de23714f6330d48377941441b3ed38f?s=40&d=mm&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 40x40, components 3
Size
983 B (983 bytes)
Hash
75dfb23da6e6730d066e698773b3fd45
3b45961e6fcf7708b89f59d28b18edc96a641016
ca775cd8ab837239f9497e8afe90403d78cb37581c0adfe4003012d24bea020e

HTTP Headers

GET /avatar/8de23714f6330d48377941441b3ed38f?s=40&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 10:37:28 GMT
content-type: image/jpeg
content-length: 983
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/8de23714f6330d48377941441b3ed38f?s=40&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="8de23714f6330d48377941441b3ed38f.png"
expires: Wed, 08 May 2024 10:42:28 GMT
cache-control: max-age=300
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

www.six-mile-ranch.ca/wp-content/themes/silk-newspaper/style.css?ver=1.1.0

188.114.96.1

200 OK

3.7 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/themes/silk-newspaper/style.css?ver=1.1.0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
ASCII text, with very long lines (3688), with no line terminators
Size
3.7 kB (3688 bytes)
Hash
0c38873963984766aede3d91255121c7
9257f51772471b88719d612f875cdf2f005d7648
60d60ee1da0a197cc7612f74dab62392ae5c55c8edeb09af823422e5023c3026

HTTP Headers

GET /wp-content/themes/silk-newspaper/style.css?ver=1.1.0 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=6127
alt-svc: h3=":443"; ma=86400
etag: W/"17ef-662a0ab2-56b57b;br"
expires: Mon, 29 Apr 2024 03:30:02 GMT
last-modified: Thu, 25 Apr 2024 07:48:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 19298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iKYNqZVJZSl3oD5qCwom07Tfo0jLJY7dkdl2JXYXQ4vfOapX9vhVvrtdRf8bdJAzb%2FWBTSTPd%2BK1tW4Rv09tfYAtrXFHrX9SAH1bQmMD29kLqJt%2BOpNEuzMG3bz2WNcNe3LY1rwm6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fbcbd0b55-OSL
content-encoding: br

www.six-mile-ranch.ca/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.4

188.114.96.1

200 OK

507 B

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.4
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
JavaScript source, ASCII text, with very long lines (532), with no line terminators
Size
507 B (507 bytes)
Hash
b1e7be7360a73835c0b44b7bf834b4bb
394b871cf36b2f356d12e971c8a8fb6149cfd2a7
1745266d2215ef0c2563fe02c7ae9d23b7f818a9f075970b680d57440edb8f47

HTTP Headers

GET /wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.4 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/javascript
etag: W/"1fb-66383f7c-52eb28;br"
last-modified: Mon, 06 May 2024 02:25:00 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HHtco4eEyEDgvRBsg2IdUH3X7H%2Boa%2FLrSQiaG4tRiCJDQhWYtx5tyPeCYJyh3FygiDnfAwgoW%2Bf5wLubwdL%2Bzmg74dVSaVDchKJmPhnQmuIT0DJfFaSQmeAC%2BoZuzfTJjNjkTfRPYKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fccd60b55-OSL
content-encoding: br

www.six-mile-ranch.ca/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711014324

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
www.six-mile-ranch.ca/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711014324
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Certificate
IssuerLet's Encrypt
Subjectsix-mile-ranch.ca
Fingerprint28:C5:C9:4E:34:F2:E7:6E:C7:EE:FC:C9:76:B8:6B:B8:9D:6E:AE:A1
ValiditySun, 28 Apr 2024 14:19:52 GMT - Sat, 27 Jul 2024 14:19:51 GMT

File type
ASCII text
Size
11 kB (11388 bytes)
Hash
91954b488a9bfcade528d6ff5c7ce83f
edf589eb28247c73ccc04e5b34ad107b90bd1b2e
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e

HTTP Headers

GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711014324 HTTP/1.1
Host: www.six-mile-ranch.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.six-mile-ranch.ca/sp-news/2024/05/08/sevyn-streeter-to-headline-rochesters-juneteenth-festival-rochesterfirst/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 10:37:26 GMT
content-type: text/javascript
etag: W/"2c7c-65fc01b4-628200;br"
last-modified: Thu, 21 Mar 2024 09:45:24 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7A1Q2tjEVs1JMVRmOEhU%2FPWISQ1av%2FT7PEMAI0hw3ijA2Zn8r8aAC4711QEqlaTMI3rABYBWeuXp3mBJ9h7ZJWGW7ZgW7LShWNr%2FjXvgq1dRUibBC%2FGggZAOE5aeZCAzz8w39c7%2F%2BH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d07fccd80b55-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL