Report - juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/

Report Overview

Visited public
2023-10-13 11:34:56
Tags
URL
juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Finishing URL
juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-10-12 20:50:46	900 B	858 B	18.194.67.120
www.profitabledisplaynetwork.com	unknown	2023-03-02	2023-03-03 20:51:52	2023-10-12 14:14:27	1.4 kB	35 kB	192.243.59.20
judicialfizzysoftball.com	unknown	2023-09-27	2023-09-27 07:27:02	2023-10-13 00:19:22	2.8 kB	7.1 kB	192.243.61.227
gentlynudegranny.com	unknown	2023-09-27	2023-09-27 03:35:27	2023-10-12 02:34:15	6.5 kB	8.0 kB	173.233.137.52
hissedassessmentmistake.com	unknown	2023-09-27	2023-09-27 03:39:37	2023-10-13 04:33:56	2.8 kB	5.8 kB	192.243.59.20
i2.wp.com	5618	1997-03-28	2017-01-30 06:03:40	2023-10-12 08:33:39	12 kB	5.4 MB	192.0.77.2
tse1.mm.bing.net	7917	1997-09-03	2014-03-13 15:42:52	2023-10-01 19:14:24	3.9 kB	361 kB	204.79.197.200
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-13 00:24:52	1.1 kB	42 kB	142.250.74.106
encrypted-tbn0.gstatic.com	unknown	2008-02-11	2013-05-31 04:32:18	2023-10-13 01:33:33	500 B	3.2 kB	142.250.74.78
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-10-13 09:28:51	820 B	173 kB	104.21.234.32
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-10-13 05:09:19	680 B	1.9 kB	143.204.48.16
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-10-12 21:47:06	422 B	843 B	172.67.196.166
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-10-13 09:20:24	1.5 kB	846 B	192.243.59.13
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-10-13 05:18:27	2.5 kB	122 kB	172.64.102.10
cdn.barscreative1.com	25648	2021-09-08	2021-09-16 13:14:42	2023-10-13 05:18:27	509 B	2.2 kB	45.133.44.3
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-12 18:12:01	999 B	2.1 kB	142.250.74.131
juanitazrora.pages.dev	unknown	2020-09-02	2023-09-28 06:22:46	2023-09-28 06:22:46	13 kB	2.3 MB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-13 00:40:47	3.4 kB	156 kB	142.250.74.163
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-10-13 05:16:00	1.4 kB	386 kB	45.133.44.10
rabblespidersrenaissance.com	unknown	2023-09-27	2023-09-27 04:01:16	2023-10-12 13:14:44	506 B	469 B	173.233.137.44
pl17601119.highrevenuegate.com	unknown	2023-03-02	2023-04-23 21:45:10	2023-04-23 21:45:10	458 B	15 kB	192.243.61.225
pl16907464.highrevenuegate.com	unknown	2023-03-02	2023-07-04 11:23:46	2023-07-14 12:45:37	458 B	18 kB	192.243.59.13
reliablemiraculouscaleb.com	unknown	2023-10-10	2023-10-10 11:25:13	2023-10-13 02:35:10	2.8 kB	5.5 kB	192.243.59.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-13	medium	highrevenuegate.com	Sinkholed
2023-10-13	medium	highrevenuegate.com	Sinkholed
2023-10-13	medium	profitabledisplaynetwork.com	Sinkholed
2023-10-13	medium	profitabledisplaynetwork.com	Sinkholed
2023-10-13	medium	profitabledisplaynetwork.com	Sinkholed
2023-10-13	medium	judicialfizzysoftball.com	Sinkholed
2023-10-13	medium	gentlynudegranny.com	Sinkholed
2023-10-13	medium	hissedassessmentmistake.com	Sinkholed
2023-10-13	medium	gentlynudegranny.com	Sinkholed
2023-10-13	medium	reliablemiraculouscaleb.com	Sinkholed
2023-10-13	medium	reliablemiraculouscaleb.com	Sinkholed
2023-10-13	medium	hissedassessmentmistake.com	Sinkholed
2023-10-13	medium	gentlynudegranny.com	Sinkholed
2023-10-13	medium	gentlynudegranny.com	Sinkholed
2023-10-13	medium	unseenreport.com	Sinkholed
2023-10-13	medium	unseenreport.com	Sinkholed
2023-10-13	medium	judicialfizzysoftball.com	Sinkholed
2023-10-13	medium	gentlynudegranny.com	Sinkholed
2023-10-13	medium	gentlynudegranny.com	Sinkholed
2023-10-13	medium	gentlynudegranny.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	From	Size	First Seen	Last Seen
	juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/	ScriptElement	3.0 kB	2023-10-13	2024-08-21
Pretty URL juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-13 13:35 Last Seen2024-08-21 04:52 Times Seen14 Hash 89b85e9a4a8e361ddb7b8d0aaed5701c ffe5f9bab07793dc622bb768255e3dbb6e97b07e a11c432b3f412bba4229539850a411786b746da8e858fd72a58d1302a4aceee1 Loading...

	unknown	ScriptElement	145 B	2023-07-04	2025-01-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-04 11:24 Last Seen2025-01-07 12:18 Times Seen47 Hash 5c230a903d9f540e5bc2bd8bc8a174e2 918da5a38448ca1200ddb3f412b039b108721f28 aebb22da0f2aad93690d165d4c43a6a77cb0dacfeb2be05c81b2d3dfbbbcaa49 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3	ScriptElement	3.3 kB	2023-03-07	2025-05-03
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38 Last Seen2025-05-03 14:50 Times Seen511 Hash 894bf69a88c8406680629c151343ff1e c51154c3433802a7b8d1a7f31e7aad54a3a2abf5 7a39f30800c1ef8779686fd48037bb5d95fc6471cefe29e60c61f00ae2a846db Loading...

	juanitazrora.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-04
Pretty URL juanitazrora.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-04 03:59 Times Seen104430 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

	juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/	ScriptElement	348 B	2023-10-13	2024-08-21
Pretty URL juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-13 13:35 Last Seen2024-08-21 04:52 Times Seen2 Hash 81ca75660e903f04f1073a23ccbebf39 062cc3ac300cf6c043af65ce55610580157c7c7a b345028167a6a70e27d500e37af3a7f3ba8e0303f5f425bb1e0ed464080e564f Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1	ScriptElement	1.7 MB	2023-03-07	2025-05-03
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-03 17:47 Times Seen768 Hash 735c741071f8d6c8ce8b5d50efe5516a 1b67e9bb36ae7104676591491c69c9b767777ab9 8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785 Loading...

	unknown	ScriptElement	3.3 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash 83694f4c6d1521e111df116e9b871812 1eff91272fe7f2ecc79d28cedcefaa4134b3537a ae4b3db8b0e6708430af4ea2625c4002d6bd5543edba3001c699e23d5e14d033 Loading...

	unknown	EventHandler	134 B	2023-04-13	2025-04-13
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-13 04:47 Last Seen2025-04-13 06:21 Times Seen66 Hash 7ad5a10e33bf15a299499ade7762b03f ce1455d1508d122e6f79551a77c6c1c1600115fd 029136506b122dbe15c6b48451810a844d52a51fc3c06bc31fec403c8e214505 Loading...

	www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js	ScriptElement	30 kB	2023-10-13	2024-08-21
Pretty URL www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 03:18 Last Seen2024-08-21 04:56 Times Seen29 Hash f8eebe0e6393dd36287b243ffea18e86 3d8aba98a6d5324f67abe128eda3088c52b00d75 4062a3d277361cce84ef2c3a415e9a993c0eecbc5f3063e92cbd29918195d6f7 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1	ScriptElement	3.9 kB	2023-03-10	2023-10-13
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:41 Last Seen2023-10-13 13:35 Times Seen1 Hash 374ec4bf0fcd3e085fb90db462d3d050 c220d36ecae52e15204be69fca0c194eb0647f0f d448c501f4240eb6df89577fe0b157189651fca48232c3134fb7e8aec810ff33 Loading...

	juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/	ScriptElement	352 B	2023-07-04	2024-08-21
Pretty URL juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 11:24 Last Seen2024-08-21 04:52 Times Seen4 Hash b41957daa33ce6f50c587d7edbae4695 51d1963b61f3131b40322c87d6b3be08590f5f8d d82e4954b56c61f73436307c72b44bf61c5feb5d2b4848cc6d9010548a750770 Loading...

	unknown	ScriptElement	187 B	2023-10-13	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 13:35 Last Seen2024-08-21 04:52 Times Seen6 Hash 3641334fed4d329a6f3911e1f4e34656 7f7a7d5e227ff4b364b7eb6d447993c30d9c53f5 f5bde8d0da828a770223f7cce6015094605240cb3c22c29c9ac8fb0d2c2aee33 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.1	ScriptElement	6.3 kB	2023-10-13	2023-10-13
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 13:35 Last Seen2023-10-13 13:35 Times Seen1 Hash d760abc3f6f9c23ecddac57acf0c6699 45ad8c490e828c7502f6ff72331c768639612d72 3901377847620c1d5817d11fd4b6d93c0a5a393ec7939ad6fc06b036581bdc38 Loading...

	juanitazrora.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.0	ScriptElement	88 kB	2023-06-13	2025-05-02
Pretty URL juanitazrora.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-13 23:41 Last Seen2025-05-02 21:43 Times Seen26124 Hash ff04dd1ef5c67998d8652330c0441689 5e6ff5bd5240181a8bdea983837f39ac231dac4d 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-chic/js/custom.js?ver=1.1.1	ScriptElement	1.0 kB	2024-08-21	2024-08-21
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-chic/js/custom.js?ver=1.1.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash 9e8d86257cd686e5eb0b4c3e695baf43 d41f59147279bd5874946b804f17acc52d554374 0260e1faad57c02c3744328a6f535175ea18a7b6353c74a42418108ab0462498 Loading...

	unknown	ScriptElement	3.3 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash 293541839de9a4d43890d657e9c61959 48ba3d3e4818e166b51dfeeb2974967b2d9f0ec3 67021e10e88bd237587e68d1786d7a47271f1d61d653caf74e11b154c43a547e Loading...

	unknown	ScriptElement	678 B	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash b91d2b72b2ae3cf7895ca2466880bc3a 1453eb15b40280a7d2c82359f6be374837fef00b 90c5c335f4c8d8ff429063c042ad5c1c217645fdc8dfb68776e9ab4b86771a19 Loading...

	pl17601119.highrevenuegate.com/c8/30/e6/c830e61dc7b13dddffbcf2286546b8d3.js	ScriptElement	40 kB	2023-10-13	2023-10-13
Pretty URL pl17601119.highrevenuegate.com/c8/30/e6/c830e61dc7b13dddffbcf2286546b8d3.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 13:35 Last Seen2023-10-13 13:35 Times Seen1 Hash 72b8ec0602aa208257a792ca1ae8dbfa 6b76832cb825b5896e4ab4d975f74d04b5ab0ce2 30eb106a401f8bba3538b41bf8d7bc3d2d968dcccc31b353f5d65e1a49e3e794 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1	ScriptElement	26 kB	2023-03-13	2025-03-28
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:50 Last Seen2025-03-28 21:57 Times Seen6 Hash f57fd9be4df163ac76e8fcaf50e4e218 f75a7099889b5261571f12ca4ca430835033aed0 ff8651f861b64aee1b3cb44a2cc7ebed9acbeb924d6e3019938ef2af7c7a15a2 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3	ScriptElement	8.4 kB	2023-03-07	2025-05-03
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-03 18:01 Times Seen2536 Hash 36050285bfeeb7395752f0f9bbc08273 5924f7bbbf1dfa3f0926851d01f782f23a59e805 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69 Loading...

	unknown	ScriptElement	3.3 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash 1beb81c16121888e2d0d5029a390d1ab 87ec5dc166ce7bcd4759eb65270ae0b237c5faaa 9655c793afbd3e680b461f1b2fb7968568200962af794a24b06cbda40c93e59a Loading...

	www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js	ScriptElement	30 kB	2023-09-28	2023-11-07
Pretty URL www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 17:28 Last Seen2023-11-07 02:36 Times Seen31 Hash 5c4041109f5f62fc64157c5b8aa293be 4e84642545842564c966f81557927e88b1eb6279 ef871f82f06a667cfe9a0ec8f3763bbfa168a93483f7a3ba688a8fbb621d7e9e Loading...

	www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js	ScriptElement	30 kB	2023-09-28	2023-11-06
Pretty URL www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 00:32 Last Seen2023-11-06 21:05 Times Seen34 Hash d1e67ba6c3dc3ebf1bfdbcd3570537bf 42d6b02a23325782331a755679a66a7580e4ba40 d1a0e841ea090bb0c68fb20289e8015ca3cf23d36227e9bf3ef7b3162d018194 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1	ScriptElement	43 kB	2023-03-07	2025-05-04
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 02:49 Times Seen5168 Hash b7b9c97cd68ec336d01a79d5be48c58d 1a99890b57c9859a622337ed0b2f989d6e30cc0e b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2	ScriptElement	3.4 kB	2023-03-07	2025-05-03
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-05-03 14:05 Times Seen1839 Hash 3182b2beddb1f798f66d27425b9f99d9 ebfe39b9b22623bf3b289d7d8548f04215b7a820 fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7 Loading...

	juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.1	ScriptElement	2.9 kB	2024-08-21	2024-08-21
Pretty URL juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash fce19af66123f6eeba62eeecaadfad50 d87aff48e67b6082c73c7b6b89dcf48be0732da5 c19883490601605fd37fcb309e6e30c391f3f85d4dbf78a2b9db59b3e5ec2a09 Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-04
Pretty URL banquetunarmedgrater.com/advertisers.js IP 172.67.196.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-04 03:59 Times Seen4604715 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/	ScriptElement	74 B	2023-07-04	2024-08-21
Pretty URL juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-04 11:24 Last Seen2024-08-21 04:52 Times Seen13 Hash c4dab8fd808ac118ba1e4d5b6b4bc5a4 177d413400bb195acdb60b2e4252d1114df93365 a744ec0839f2f9f6d2702f303817d0653f98bfec9d7d67409ef616b8aeb4e24e Loading...

	pl16907464.highrevenuegate.com/70/fc/c4/70fcc49edd080ac52f417ceb88fa752a.js	ScriptElement	43 kB	2023-10-13	2023-10-13
Pretty URL pl16907464.highrevenuegate.com/70/fc/c4/70fcc49edd080ac52f417ceb88fa752a.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 13:35 Last Seen2023-10-13 13:35 Times Seen1 Hash f06f7e0f9dda22df32c97ee93ec46c71 818be13c7d7e077c3859338021577f970e4fa06c d1bd3811c4e67be51754d1659be35774a4203f9eafbb573d51bc7b2633d872fb Loading...

	juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/	ScriptElement	89 B	2023-03-11	2024-08-21
Pretty URL juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 08:32 Last Seen2024-08-21 04:52 Times Seen1 Hash 82d368308c9ec19ae6fb5ebc24c0c304 e3b6a0a734692cc2a3f5dd75f0cab18c5fa9c26c 156d9935c31b059f5126d807d2b865cce4c23df4811deca0965ae58aa81b9f2b Loading...

	juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/	ScriptElement	93 B	2023-03-08	2025-04-26
Pretty URL juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 16:09 Last Seen2025-04-26 13:02 Times Seen12 Hash 86d87a8fc9e04d77c8332ef600637132 3c6d091cc0e2b7f2b8a3a15323d107a4e443993b 6b9f8f324133c918dd6e9a26750e97b0bb4e4995927ee178a358345cba08cb16 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fb34ae434975fa566ee7fd81831f6e19	2.1 kB	2024-08-21 04:52	2024-08-21 04:52
Pretty Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash fb34ae434975fa566ee7fd81831f6e19 55f78b30292af200dc26efbe8cc8b2c1801d5e14 bd9ab2747104b995e0c2339e45ce8c6ede318d90fa77701c0f068746f1ef4805 Loading...

	#2 Eval - bb2a4020d09a1fa767da7380be758754	2.1 kB	2024-08-21 04:52	2024-08-21 04:52
Pretty Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash bb2a4020d09a1fa767da7380be758754 45a1816a788886b9722572ffb0c07b2b3fba0472 e017e761c0c603fa9291e74a7638e505597dbb67d0656d671f92ec5417accff2 Loading...

	#3 Eval - 009a7693eba7106896ebe2f702a845a8	2.1 kB	2024-08-21 04:52	2024-08-21 04:52
Pretty Observations First Seen2024-08-21 04:52 Last Seen2024-08-21 04:52 Times Seen1 Hash 009a7693eba7106896ebe2f702a845a8 3fa4d10e626f43b8152c77a05d2639e78c2f7b71 9d290750e1ef7294ee392423d5e3769e63dc583a9934c9744a570df061143c6c Loading...

		Size	First Seen	Last Seen
	#1 Write - 2eded7f01d4b1722aab4a474fc735721	130 B	2023-07-04 11:24	2024-08-21 04:52
Pretty Observations First Seen2023-07-04 11:24 Last Seen2024-08-21 04:52 Times Seen7 Hash 2eded7f01d4b1722aab4a474fc735721 cf4a6033fdc059527c296ea3896a95749d6f2327 7266e15849cf58b4b9b22ec7e70f34a5e59b24152f35f9ae696d8a8dc15b4846 Loading...

HTTP Transactions (104)

URL IP Response Size

i2.wp.com/static.wixstatic.com/media/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png/v1/fill/w_1000,h_707,al_c,usm_0.66_1.00_0.01/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png

192.0.77.2

200 OK

486 kB

URL GET HTTP/2
i2.wp.com/static.wixstatic.com/media/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png/v1/fill/w_1000,h_707,al_c,usm_0.66_1.00_0.01/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
486 kB (485992 bytes)
Hash
30f11b952e2e1d711aa193ad3f0c4ba3
86b4504451a18ebc765e6bc5b0ed4e8e655c9097
147a463061d9e8efface416cd47274ee1822522cab17c0756a021ae83a381cac

HTTP Headers

GET /static.wixstatic.com/media/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png/v1/fill/w_1000,h_707,al_c,usm_0.66_1.00_0.01/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: image/webp
content-length: 485992
last-modified: Fri, 13 Oct 2023 07:20:19 GMT
expires: Sun, 12 Oct 2025 19:20:19 GMT
cache-control: public, max-age=63115200
link: <http://static.wixstatic.com/media/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png/v1/fill/w_1000,h_707,al_c,usm_0.66_1.00_0.01/5f12ff_26abb3a3158b4db692d0a9f3814f31ee~mv2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "f44bfdd4fc903cb1"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/themacweekly.com/wp-content/uploads/2020/06/First-year-graphic_by-Rebecca-Edwards-900x900.png

192.0.77.2

200 OK

158 kB

URL GET HTTP/2
i2.wp.com/themacweekly.com/wp-content/uploads/2020/06/First-year-graphic_by-Rebecca-Edwards-900x900.png
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
158 kB (158454 bytes)
Hash
504c7ffb6fa18fe97ed396c50534a34d
6c3217c1e6270139b57db28d11418e79c282a944
c759bd7318deea6e42a6704ca8a4d560c9a1d287808c50d8b1a16ecc68168d18

HTTP Headers

GET /themacweekly.com/wp-content/uploads/2020/06/First-year-graphic_by-Rebecca-Edwards-900x900.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 158454
last-modified: Wed, 11 Oct 2023 09:05:36 GMT
expires: Fri, 10 Oct 2025 21:05:36 GMT
cache-control: public, max-age=63115200
link: <http://themacweekly.com/wp-content/uploads/2020/06/First-year-graphic_by-Rebecca-Edwards-900x900.png>; rel="canonical"
x-content-type-options: nosniff
etag: "4f507fe86dc585fd"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/bellechassebridge.com/wp-content/uploads/2020/06/timeline-6.jpg

192.0.77.2

200 OK

300 kB

URL GET HTTP/2
i2.wp.com/bellechassebridge.com/wp-content/uploads/2020/06/timeline-6.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x1268, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
300 kB (299944 bytes)
Hash
3bdb45de26a1a26e17c35d749531f069
4e0b2abca2486eec30b36c245325e4cf30d23a52
84eeba738e99a1fffb434ac5d442244ef7277aabe7e66a29dcd6470c1fd41d61

HTTP Headers

GET /bellechassebridge.com/wp-content/uploads/2020/06/timeline-6.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 299944
last-modified: Fri, 13 Oct 2023 11:21:10 GMT
expires: Sun, 12 Oct 2025 23:21:10 GMT
cache-control: public, max-age=63115200
link: <http://bellechassebridge.com/wp-content/uploads/2020/06/timeline-6.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a460e918f7a49951"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2ce1eb0a081cc326c64f59c2515473ef
62a9f26be5d03b1726da755369b6eeb814150c56
78d8522a7548edf4ccd533df3a8cf44749f249661f626befcc441c31b6630908

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 11:34:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tse1.mm.bing.net/th?q=Marshall%20Thundering%20Herd%20Football%20Schedule%202024

204.79.197.200

200 OK

30 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=Marshall%20Thundering%20Herd%20Football%20Schedule%202024
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3\012- data
Size
30 kB (30065 bytes)
Hash
cd4c2dbcb6e12dca7ea82548488d42d8
175ddb688e4bfdff8dcd5a961f5ca5f6c78dfcd8
2574425cea6de5f0eda17bef4396fb8c4196fc69169a30b26f6fc07293062976

HTTP Headers

GET /th?q=Marshall%20Thundering%20Herd%20Football%20Schedule%202024 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 30065
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81BFF25079074C58A9F4408ADC24524E Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

tse1.mm.bing.net/th?q=Rtr%20Aero%20Exam%20Schedule%202024

204.79.197.200

200 OK

16 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=Rtr%20Aero%20Exam%20Schedule%202024
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x249, components 3\012- data
Size
16 kB (15529 bytes)
Hash
6fcfe3de9df39652170f4d429eb94e75
3e39e806942314451f4ea6a0c7f93180e12009ac
7e90dbe6b6d9e8b5f97563c0a2e45bb8ce38fc2da98435bbb51afd4e77fdf90c

HTTP Headers

GET /th?q=Rtr%20Aero%20Exam%20Schedule%202024 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 15529
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC72D2943B5C423AAEFFB7B088A12928 Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

tse1.mm.bing.net/th?q=Macalester%20Spring%202024%20Schedule

204.79.197.200

200 OK

49 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=Macalester%20Spring%202024%20Schedule
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x474, components 3\012- data
Size
49 kB (49165 bytes)
Hash
23ef5b30d4c9104bdbec4ba63f6b2139
cdd576259731fd1e3649ff9f09b665809098bce0
97b225da82d654df27cfa1836a82a68bb3ce879fcdc7d0b178dd8e2b82243efa

HTTP Headers

GET /th?q=Macalester%20Spring%202024%20Schedule HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 49165
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93E502CE6CEC471CBB87F72CC7FB7C75 Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

tse1.mm.bing.net/th?q=Lahaina%20Harbor%20Cruise%20Ship%20Schedule%202024

204.79.197.200

200 OK

46 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=Lahaina%20Harbor%20Cruise%20Ship%20Schedule%202024
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x548, components 3\012- data
Size
46 kB (46200 bytes)
Hash
4d83388f01f4920200e5f66d7eea573e
38c99c91231d1ef48659bc9b13c4969aa1a61c52
4e4745429b9675a22b41e0babe32ffd823df5f8f2d9bf4687c68a990c62a08c2

HTTP Headers

GET /th?q=Lahaina%20Harbor%20Cruise%20Ship%20Schedule%202024 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 46200
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CCBE9397636647B5B74B26F81FC6F300 Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

tse1.mm.bing.net/th?q=This%20Is%20Us%20Schedule%202024

204.79.197.200

200 OK

57 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=This%20Is%20Us%20Schedule%202024
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x613, components 3\012- data
Size
57 kB (57121 bytes)
Hash
2043b1f768f10dcf8de674d0764a4ef7
b930ae55fc87d669c5638180a7709b9dd55ce91a
cab20ada48d5272c999b30149c207c9538ef91f9f1436719fde2c414e0c070da

HTTP Headers

GET /th?q=This%20Is%20Us%20Schedule%202024 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 57121
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 877635F431924C36BF22A9563A2F65E4 Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

tse1.mm.bing.net/th?q=2024%20World%20Cup%20Tv%20Schedule%20Canada

204.79.197.200

200 OK

29 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=2024%20World%20Cup%20Tv%20Schedule%20Canada
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x237, components 3\012- data
Size
29 kB (28644 bytes)
Hash
bea08c1cc8c803c13f8bcc281bda398b
b7e74e0c3c2a08024c33af364c6b3999fa49ff51
a1ae2a410f89e0a788d1f60f171eb817aface4a7c28b2cf6aca1e1b6a0d5fbdd

HTTP Headers

GET /th?q=2024%20World%20Cup%20Tv%20Schedule%20Canada HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 28644
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 354D156C380748D085D17DFBE4350C87 Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

tse1.mm.bing.net/th?q=U%20Of%20A%20Football%20Schedule%202024

204.79.197.200

200 OK

59 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=U%20Of%20A%20Football%20Schedule%202024
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x666, components 3\012- data
Size
59 kB (58767 bytes)
Hash
6357f35e0b52bef70de744e81e1a8226
e15040d60cc5754bc6c960ed17ca8b561c4d4b0d
5a1cbcedcd2820caabe0f0f211c98c0e195a81353b8d386094cb0b6c0a18e986

HTTP Headers

GET /th?q=U%20Of%20A%20Football%20Schedule%202024 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 58767
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B3E884453E74A48A5F9700B22A0C460 Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

tse1.mm.bing.net/th?q=Georgia%20Southern%20Final%20Exam%20Schedule%20Spring%202024

204.79.197.200

200 OK

69 kB

URL GET HTTP/2
tse1.mm.bing.net/th?q=Georgia%20Southern%20Final%20Exam%20Schedule%20Spring%202024
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x613, components 3\012- data
Size
69 kB (68575 bytes)
Hash
fce226d45893c27daf11d4ce0189b346
40463a1dfd41924bfbc4b72347c2889db1a6c21f
abcb918462074578235597e8ae7480f069473285d70ed1433f1d373352902b9d

HTTP Headers

GET /th?q=Georgia%20Southern%20Final%20Exam%20Schedule%20Spring%202024 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=5184000
content-length: 68575
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 267260318E7D4A53855FEB4FB126AE91 Ref B: OSL30EDGE0317 Ref C: 2023-10-13T11:34:35Z
date: Fri, 13 Oct 2023 11:34:35 GMT
X-Firefox-Spdy: h2

i2.wp.com/townsquare.media/site/67/files/2019/11/Macalester-College5.jpg?w=1200&h=0&zc=1&s=0&a=t&q=89

192.0.77.2

200 OK

211 kB

URL GET HTTP/2
i2.wp.com/townsquare.media/site/67/files/2019/11/Macalester-College5.jpg?w=1200&h=0&zc=1&s=0&a=t&q=89
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x796, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
211 kB (210786 bytes)
Hash
6350c5492a98127bb4add8a0e163bf3e
5d096e2a1aaf009b689d287603f711b59d2375ed
14c921dc4ca4c3e33b2b7023c6c40b1ac0ccc6d7a05fe2ff795228c7555f359a

HTTP Headers

GET /townsquare.media/site/67/files/2019/11/Macalester-College5.jpg?w=1200&h=0&zc=1&s=0&a=t&q=89 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 210786
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://townsquare.media/site/67/files/2019/11/Macalester-College5.jpg?89>; rel="canonical"
x-content-type-options: nosniff
etag: "ddff94248a1284c7"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/www.macalester.edu/about/wp-content/uploads/sites/191/2019/12/location-amplifies.jpg

192.0.77.2

200 OK

111 kB

URL GET HTTP/2
i2.wp.com/www.macalester.edu/about/wp-content/uploads/sites/191/2019/12/location-amplifies.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
111 kB (110830 bytes)
Hash
428b64d40eca445d5fc63d313a558c6c
c4b5a35e4685d124e1efcf7103a4428ab12c5c53
f6d067620a4b29c1aa0784ed13fbc193c27774dd33e7e716d81c90ba947cb02a

HTTP Headers

GET /www.macalester.edu/about/wp-content/uploads/sites/191/2019/12/location-amplifies.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 110830
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://www.macalester.edu/about/wp-content/uploads/sites/191/2019/12/location-amplifies.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d07f4011db0e86a5"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/freecalendardate.com/wp-content/uploads/2020/01/2020-braves-schedule-image-braves-reddit-regarding-atlanta-braves-schedule-2020-printable.jpg

192.0.77.2

200 OK

583 kB

URL GET HTTP/2
i2.wp.com/freecalendardate.com/wp-content/uploads/2020/01/2020-braves-schedule-image-braves-reddit-regarding-atlanta-braves-schedule-2020-printable.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
583 kB (583248 bytes)
Hash
5b3ddfc129306f48a31ee1ae17aeae14
7d69822ffae9b42631b74605bc91340d5ee2487a
ffd13c4d866f13f4c3cb4bbb35f57392039a23d4d76950de5f015c7407fde72e

HTTP Headers

GET /freecalendardate.com/wp-content/uploads/2020/01/2020-braves-schedule-image-braves-reddit-regarding-atlanta-braves-schedule-2020-printable.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 583248
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://freecalendardate.com/wp-content/uploads/2020/01/2020-braves-schedule-image-braves-reddit-regarding-atlanta-braves-schedule-2020-printable.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6620dce05f2e151e"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/www.macalester.edu/isp/wp-content/uploads/sites/95/2021/04/IMG_20181218_140524126-1152x1536.jpg

192.0.77.2

200 OK

103 kB

URL GET HTTP/2
i2.wp.com/www.macalester.edu/isp/wp-content/uploads/sites/95/2021/04/IMG_20181218_140524126-1152x1536.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1152x1536, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
103 kB (102850 bytes)
Hash
05355577de571068d3789db707f79f64
448af4f701b9d5ed20c0a787596d7cf4a0588641
ae987db9eafea6388b49089aac92396f68a7fb279c87af48923c6645839906bc

HTTP Headers

GET /www.macalester.edu/isp/wp-content/uploads/sites/95/2021/04/IMG_20181218_140524126-1152x1536.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 102850
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://www.macalester.edu/isp/wp-content/uploads/sites/95/2021/04/IMG_20181218_140524126-1152x1536.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7238ffb4490ff3ad"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/www.gotolouisville.com/imager/assets_simpleviewinc_com/simpleview/image/upload/w_1024,h_1024,c_limit/crm/louisville/PGA-2024_4A812019-5056-BF65-D62E076B95E1B748_4a9528bf-5056-bf65-d610fc5b9ba26053_f69c17b56b270deda0220b2ba6b4d051.png

192.0.77.2

200 OK

20 kB

URL GET HTTP/2
i2.wp.com/www.gotolouisville.com/imager/assets_simpleviewinc_com/simpleview/image/upload/w_1024,h_1024,c_limit/crm/louisville/PGA-2024_4A812019-5056-BF65-D62E076B95E1B748_4a9528bf-5056-bf65-d610fc5b9ba26053_f69c17b56b270deda0220b2ba6b4d051.png
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
20 kB (20296 bytes)
Hash
bcbcae1853f7245f68dfae807d5aa340
722d62bb5e4727dabbe13340f57936539c867270
c228892cdc73e194f84e64de4241e1e99d73dfe9daa2456a093af9a8a6f745cb

HTTP Headers

GET /www.gotolouisville.com/imager/assets_simpleviewinc_com/simpleview/image/upload/w_1024,h_1024,c_limit/crm/louisville/PGA-2024_4A812019-5056-BF65-D62E076B95E1B748_4a9528bf-5056-bf65-d610fc5b9ba26053_f69c17b56b270deda0220b2ba6b4d051.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 20296
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://www.gotolouisville.com/imager/assets_simpleviewinc_com/simpleview/image/upload/w_1024,h_1024,c_limit/crm/louisville/PGA-2024_4A812019-5056-BF65-D62E076B95E1B748_4a9528bf-5056-bf65-d610fc5b9ba26053_f69c17b56b270deda0220b2ba6b4d051.png>; rel="canonical"
x-content-type-options: nosniff
etag: "f788131a7b1a6fb8"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (732)
Size
1.8 kB (1766 bytes)
Hash
374ec4bf0fcd3e085fb90db462d3d050
c220d36ecae52e15204be69fca0c194eb0647f0f
d448c501f4240eb6df89577fe0b157189651fca48232c3134fb7e8aec810ff33

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"90ab1b6adcb65cd3fc2724a75a4276c8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QC0TJv9VonaGP6ispwntq5Av%2FPo93JVJT6CL27CDGaH3nW%2BltC8y1WMH7S%2FK1koroXVB%2FwGyMmj%2B4Ghcc%2FJUzWZrR7j1sw9B%2BZ5SBynHUVMAE3TmToFrRhI%2BneAAea0WG%2FAGeRqXfnl%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634dcd856ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2017/01/spring1920.jpg

192.0.77.2

200 OK

361 kB

URL GET HTTP/2
i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2017/01/spring1920.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
361 kB (360694 bytes)
Hash
f09884b19a199a6f5cc7f305c950e925
dca96d312c95687f21b78b0697f217c0bc260e39
c3a21365985c7e1e4f26e578a90c8c821f54838c71b5825809a279f1b36f363c

HTTP Headers

GET /www.macalester.edu/news/wp-content/uploads/sites/5/2017/01/spring1920.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/webp
content-length: 360694
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://www.macalester.edu/news/wp-content/uploads/sites/5/2017/01/spring1920.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9815db8dd1e17794"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/d1dhn91mufybwl.cloudfront.net/collections/items/d5533119526c7f5f1732a7i104626325/covers/page_1/medium

192.0.77.2

200 OK

306 kB

URL GET HTTP/2
i2.wp.com/d1dhn91mufybwl.cloudfront.net/collections/items/d5533119526c7f5f1732a7i104626325/covers/page_1/medium
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 900x1059, components 3\012- data
Size
306 kB (305634 bytes)
Hash
08c6fc9602ffbeb00fe5d21046c47b5d
a34b9640c159f6578d0f8285ff040c6b7161f7ec
5a4a1734316c21542f27f86865e4669667ab6d820fe453dfa0ec0117254dca1a

HTTP Headers

GET /d1dhn91mufybwl.cloudfront.net/collections/items/d5533119526c7f5f1732a7i104626325/covers/page_1/medium HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: image/jpeg
content-length: 305634
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://d1dhn91mufybwl.cloudfront.net/collections/items/d5533119526c7f5f1732a7i104626325/covers/page_1/medium>; rel="canonical"
x-content-type-options: nosniff
etag: "6c17df500b2743c8"
x-bytes-saved: 7393
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2020/10/Class-of-2024-feature.jpg

192.0.77.2

200 OK

353 kB

URL GET HTTP/2
i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2020/10/Class-of-2024-feature.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
353 kB (353400 bytes)
Hash
33806924cb935df9e394cbdece3ec9bb
42dbd20d96fc818d7fc60de159314feb99e33d00
a9914d2164514df54d08e1dbd6e91888bb7074011346917e5946e6e8e1ff15ea

HTTP Headers

GET /www.macalester.edu/news/wp-content/uploads/sites/5/2020/10/Class-of-2024-feature.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: image/webp
content-length: 353400
last-modified: Fri, 13 Oct 2023 11:34:35 GMT
expires: Sun, 12 Oct 2025 23:34:35 GMT
cache-control: public, max-age=63115200
link: <http://www.macalester.edu/news/wp-content/uploads/sites/5/2020/10/Class-of-2024-feature.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "bf9ea6e4922e387a"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3

188.114.96.1

200 OK

1.9 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (546)
Size
1.9 kB (1881 bytes)
Hash
894bf69a88c8406680629c151343ff1e
c51154c3433802a7b8d1a7f31e7aad54a3a2abf5
7a39f30800c1ef8779686fd48037bb5d95fc6471cefe29e60c61f00ae2a846db

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/sticky-kit.min.js?ver=1.1.3 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f8033704f5bc28f63fe91e46e55f329e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nr1RSFXQHNQzXvMonTkOBPBPSGmkJTdDIAas2Y%2BK%2FS%2B2RDKs9M9uw%2BMnCnFElWIQpRf8YsDRzcL6y%2BJeJYBq6Ejs%2B4kSBXka1MQ2ukqTEaNsioxP2y4983V6F4yXE9AwTg2qdhZf7Xd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634dcd656ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2019/04/campus-spring-1920.jpg

192.0.77.2

200 OK

899 kB

URL GET HTTP/2
i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2019/04/campus-spring-1920.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
899 kB (899138 bytes)
Hash
5406c6b2b21a8e8be5e4a727879de496
a86ccaa1a3ecdd120191da444dcb529ff7875232
43be5b2e2dfba6f1ec6f875aacf42d62fada8fe89ef38b7ac4872da319cef5f0

HTTP Headers

GET /www.macalester.edu/news/wp-content/uploads/sites/5/2019/04/campus-spring-1920.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: image/webp
content-length: 899138
last-modified: Fri, 13 Oct 2023 11:34:36 GMT
expires: Sun, 12 Oct 2025 23:34:36 GMT
cache-control: public, max-age=63115200
link: <http://www.macalester.edu/news/wp-content/uploads/sites/5/2019/04/campus-spring-1920.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "20cb2ceb0d8c1b60"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

pl17601119.highrevenuegate.com/c8/30/e6/c830e61dc7b13dddffbcf2286546b8d3.js

192.243.61.225

200 OK

14 kB

URL GET HTTP/1.1
pl17601119.highrevenuegate.com/c8/30/e6/c830e61dc7b13dddffbcf2286546b8d3.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjecthighrevenuegate.com
FingerprintBF:3D:34:A1:6D:63:FB:EC:A2:AB:69:9D:4D:6C:85:44:B0:EC:84:20
ValidityWed, 30 Aug 2023 22:18:39 GMT - Tue, 28 Nov 2023 22:18:38 GMT

File type
ASCII text, with very long lines (40512), with no line terminators
Size
14 kB (14443 bytes)
Hash
72b8ec0602aa208257a792ca1ae8dbfa
6b76832cb825b5896e4ab4d975f74d04b5ab0ce2
30eb106a401f8bba3538b41bf8d7bc3d2d968dcccc31b353f5d65e1a49e3e794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c8/30/e6/c830e61dc7b13dddffbcf2286546b8d3.js HTTP/1.1
Host: pl17601119.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e110415c733cfbe50d81e53305993a2a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl16907464.highrevenuegate.com/70/fc/c4/70fcc49edd080ac52f417ceb88fa752a.js

192.243.59.13

200 OK

18 kB

URL GET HTTP/1.1
pl16907464.highrevenuegate.com/70/fc/c4/70fcc49edd080ac52f417ceb88fa752a.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjecthighrevenuegate.com
FingerprintBF:3D:34:A1:6D:63:FB:EC:A2:AB:69:9D:4D:6C:85:44:B0:EC:84:20
ValidityWed, 30 Aug 2023 22:18:39 GMT - Tue, 28 Nov 2023 22:18:38 GMT

File type
ASCII text, with very long lines (43186), with no line terminators
Size
18 kB (17621 bytes)
Hash
f06f7e0f9dda22df32c97ee93ec46c71
818be13c7d7e077c3859338021577f970e4fa06c
d1bd3811c4e67be51754d1659be35774a4203f9eafbb573d51bc7b2633d872fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /70/fc/c4/70fcc49edd080ac52f417ceb88fa752a.js HTTP/1.1
Host: pl16907464.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b331c7831210664d5cbb5ef727bfd814
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86dd6d9049c9126ed4d892019fe202f7
0a8c428748a264457cb0d21dd0446c781091ec0f
3e37edfb573c2be91caa2a0d41fa3dbb8c7f5d459c685cac67407e9c980b4dd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 11:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i2.wp.com/www.calendar2023.net/wp-content/uploads/2022/09/delaware-state-university-academic-calendar-2022-2023-november-1.jpg

192.0.77.2

200 OK

782 kB

URL GET HTTP/2
i2.wp.com/www.calendar2023.net/wp-content/uploads/2022/09/delaware-state-university-academic-calendar-2022-2023-november-1.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
782 kB (782058 bytes)
Hash
284a8d45e40f71376837ca446b3a5167
080651cf10f10e41df0331e8f9de69df854ba4c5
90081c34f4a239899fb8d0ca36436386e7d718cf9de65a230177299c73fc046f

HTTP Headers

GET /www.calendar2023.net/wp-content/uploads/2022/09/delaware-state-university-academic-calendar-2022-2023-november-1.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: image/webp
content-length: 782058
last-modified: Fri, 13 Oct 2023 11:34:36 GMT
expires: Sun, 12 Oct 2025 23:34:36 GMT
cache-control: public, max-age=63115200
link: <http://www.calendar2023.net/wp-content/uploads/2022/09/delaware-state-university-academic-calendar-2022-2023-november-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8a07a9dfc26c305e"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2

142.250.74.163

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23276, version 1.0\012- data
Size
23 kB (23276 bytes)
Hash
57c1819ddc26798ba8573d53d8d1eb1a
3845a262d76f5f6e03719c60e562996ac5055025
d4bd07bee1ae9aa11e2bb6540f9d587d934ac0e64fe4f263cf0cd033b5ff8733

HTTP Headers

GET /s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Oct 2023 16:03:27 GMT
expires: Sat, 05 Oct 2024 16:03:27 GMT
cache-control: public, max-age=31536000
age: 588669
last-modified: Thu, 24 Aug 2023 20:47:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Nunito+Sans%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CCormorant%3A300%2Cregular%2C500%2C600%2C700%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%7CPlayfair+Display%3A700italic

142.250.74.106

200 OK

34 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Nunito+Sans%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CCormorant%3A300%2Cregular%2C500%2C600%2C700%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%7CPlayfair+Display%3A700italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
gzip compressed data, max compression\012- data
Size
34 kB (33907 bytes)
Hash
b13578aed546277e7648a24343809ae7
5350d4d2b0144cd0b35d82104814bad56b12ef29
2801b462095a3754a9c6f053736f2767bdcd8e42f50cefc61ae6268727b1e80f

HTTP Headers

GET /css?family=Nunito+Sans%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CCormorant%3A300%2Cregular%2C500%2C600%2C700%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%7CPlayfair+Display%3A700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 13 Oct 2023 11:34:35 GMT
date: Fri, 13 Oct 2023 11:34:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

188.114.96.1

200 OK

63 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (65447)
Size
63 kB (62568 bytes)
Hash
ff04dd1ef5c67998d8652330c0441689
5e6ff5bd5240181a8bdea983837f39ac231dac4d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.0 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"130b4ba2dd351c4ccfd435a97b37d4f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHzrDRpmJ6d2NEzwAjq883dLHLZrr4f4ebhbJKXIfk8CGuExvAX1HCtWepU9YMPfhpqvDGi%2BNL%2FqX6d8ofBpOLePxHt3ecxF%2BS30%2F5Hvt%2F%2Bh1lzdKH3Zf5zGcuocz2hylfmbuM%2BfkSB0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746341bd956ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

142.250.74.163

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31052, version 1.0\012- data
Size
31 kB (31052 bytes)
Hash
5c4f357d4926fc197d43abc63b7fca8c
686af7000d038d7479ed36b48a8ebb0ea9b98aea
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

HTTP Headers

GET /s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Oct 2023 03:40:12 GMT
expires: Sun, 06 Oct 2024 03:40:12 GMT
cache-control: public, max-age=31536000
age: 546864
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunitosans/v15/pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLQ.woff2

142.250.74.163

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/nunitosans/v15/pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLQ.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32972, version 1.0\012- data
Size
33 kB (32972 bytes)
Hash
ccc822c8aee131fcb221fc3257a83991
e15730e1e1ed021b25b89c81309308d67a3c0172
c8e4df00bdad9ee1602ded3b28ca40610b3866740f0d70272ffaaf748dedf694

HTTP Headers

GET /s/nunitosans/v15/pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Oct 2023 23:32:12 GMT
expires: Sat, 05 Oct 2024 23:32:12 GMT
cache-control: public, max-age=31536000
age: 561744
last-modified: Thu, 27 Apr 2023 01:04:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/plugins/wp-author-date-and-meta-remover/css/entrymetastyle.css?ver=1.0

188.114.96.1

200 OK

31 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/plugins/wp-author-date-and-meta-remover/css/entrymetastyle.css?ver=1.0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text
Size
31 kB (31257 bytes)
Hash
ed8e0debcc5d5da76c2fb558b74d6442
81854bb3b2c2950543466cca29719184ef8c5b5c
e8456c6f58105dfef69d2e2e3213aca84019d8e1a9ab5766e2951ad9693b5ebb

HTTP Headers

GET /wp-content/plugins/wp-author-date-and-meta-remover/css/entrymetastyle.css?ver=1.0 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"778814af68f9e82706e2f2f9337e92b5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P%2BX1teAemoJRw%2FmVPTOIS8IZfgbrszlX961kCyKkbvR2JhzFhDLVFoH6%2BiLmFG9A%2FM%2BZpAYkWa7JTOAGRMyU3ZWxG7cpLo0GXXnZ5QoAC7Vs6TZP5VdihiW%2FT4%2FLu6PDId4aN0rwaXp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634bcb056ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/style.css?ver=6.3.1

188.114.96.1

200 OK

58 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/style.css?ver=6.3.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (6120)
Size
58 kB (58079 bytes)
Hash
6e9fd5da967e882e8226b491236b50ba
eeda49b453e14fb1f9d9dcede3e39ca3fd212050
02f0c406e1693568c444fcda3b07764cb8b3cfad280517793441f06216e0b2d8

HTTP Headers

GET /wp-content/themes/blossom-feminine/style.css?ver=6.3.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"72ebd96ba31cbdbc9049e1251ccb8f7f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7%2FlnWIhFQa3thNb79w1jgh%2BVN7rmD4VwUwsWriKG32gmn9KODlMNWJiB1rTdhVfcZ10mAgePpldg0I6scaN4%2Fp5uhv18YVmAcKmZ1yVyv1rF54y6Fr3e7wy0Aiek0vA7X%2FVxhvh01Ya"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746341bcc56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a0730c1aea729bfff643501dff753c76
c96821eda8eec169a7bf1213ebc3c48dc81e9e5f
a3efdfa1f561f8acfcb256d79bce25f4233cb01b34044f8a8ad02fad6e01ee69

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 13 Oct 2023 11:34:36 GMT
Last-Modified: Fri, 13 Oct 2023 10:47:41 GMT
Server: ECAcc (ska/F73C)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hovxfofpRnqUdvo0u3OR6q5MhH3UIj3gysa8zYP7UZU9QTBI-YWzCg==
Age: 2815

ocsp.r2m03.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a0730c1aea729bfff643501dff753c76
c96821eda8eec169a7bf1213ebc3c48dc81e9e5f
a3efdfa1f561f8acfcb256d79bce25f4233cb01b34044f8a8ad02fad6e01ee69

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 13 Oct 2023 11:34:36 GMT
Last-Modified: Fri, 13 Oct 2023 10:48:49 GMT
Server: ECAcc (ska/F75B)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: s7akZ_5g2CymIjjrACg-lofpyp5E5PxsFupeB-ZIMV4lemvyCcEb2w==
Age: 2747

i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2018/04/solvingSustainability-2.jpg

192.0.77.2

200 OK

436 kB

URL GET HTTP/2
i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2018/04/solvingSustainability-2.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 3863x2173, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
436 kB (436308 bytes)
Hash
40bcc21e6ae12842482fefd62eb4d312
b558fb8b7547833106128fa93dd6f9ce816d8a8c
9d81dc16fc58c8d7f2c37167438b3a5536ba2a6fe53138dd6539e85ee89593d4

HTTP Headers

GET /www.macalester.edu/news/wp-content/uploads/sites/5/2018/04/solvingSustainability-2.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: image/webp
content-length: 436308
last-modified: Fri, 13 Oct 2023 11:34:36 GMT
expires: Sun, 12 Oct 2025 23:34:36 GMT
cache-control: public, max-age=63115200
link: <http://www.macalester.edu/news/wp-content/uploads/sites/5/2018/04/solvingSustainability-2.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e6581650aa544466"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/css/owl.carousel.min.css?ver=2.2.1

188.114.96.1

200 OK

1.4 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/css/owl.carousel.min.css?ver=2.2.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (2886)
Size
1.4 kB (1392 bytes)
Hash
2c2dcac58f7dbc17dc6897072ac84add
5c8fae90411cbe52ef2857ce443d05651fd4b78d
420de5da65c4ff98640b396ddefea4eb4079dd8e8047bf1214262c02637f0163

HTTP Headers

GET /wp-content/themes/blossom-feminine/css/owl.carousel.min.css?ver=2.2.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c61273cbbd1fa4048f6e11e98ad30f1f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCvvqb7uQ7R3PQP0VlnE34Y4niBbxLtr%2Bddl4%2FO8BH64WNDFxGU8L1uP4%2BJCUvb7UesOlGSi%2BF%2B5SaG748J2NCGKj9sEsk99Z767vbts7WYqpirx1C4Yy54LQY9qnuSm3dpaoEf7twC4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746341bd056ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86dd6d9049c9126ed4d892019fe202f7
0a8c428748a264457cb0d21dd0446c781091ec0f
3e37edfb573c2be91caa2a0d41fa3dbb8c7f5d459c685cac67407e9c980b4dd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 11:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

professionalswebcheck.com/stats

18.194.67.120

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
18.194.67.120:443
ASN
#16509 AMAZON-02

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4ee46b633f5b55f749ffa2e7c042a9b2
f73a9b0122b48628c95e78eaa2289522e8fc1102
7752f519d0eccfa12c1d4d16dfbb8547cb35fbbdb2e1eec5fe6259ea599c26aa

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://juanitazrora.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bb02faa7-0d68-4b73-a9c4-3a12d79d9870:2:1; expires=Mon, 10 Oct 2033 11:34:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

professionalswebcheck.com/stats

18.194.67.120

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
18.194.67.120:443
ASN
#16509 AMAZON-02

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
62727e001c0c5a7f2629f33bd53d15eb
c518b998f9ba8c8146703903f425c5682f9918e7
78f0a5b6b6383c31964956f01306c70d1a1aa764d84bff3ae0288a24f8b8fb06

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://juanitazrora.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3894483c-7212-4528-aec4-28a04d820195:2:1; expires=Mon, 10 Oct 2033 11:34:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2

188.114.96.1

200 OK

1.4 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (521)
Size
1.4 kB (1371 bytes)
Hash
3182b2beddb1f798f66d27425b9f99d9
ebfe39b9b22623bf3b289d7d8548f04215b7a820
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/jquery.matchHeight.min.js?ver=0.7.2 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"eb1af6a14ebde53b11287fbefb3d3531"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQtSmjgAlV7j99v4GTTuhLBJAMPUGwbR%2B%2BLFPVOm3d1YUOB6%2BkiDYjOVjrVHoLDo9dq8DBekzosPjkCm77irnWfARZesiYGVGnMS3w4e%2BRlwdDtnRTpituy1lrDsBoP5LNB4sO1pRJD6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634dcdb56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js

192.243.59.20

200 OK

11 kB

URL GET HTTP/1.1
www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
Fingerprint65:91:36:B1:BC:12:0B:BF:7B:99:37:AF:FC:0A:EC:30:1B:40:DA:C8
ValidityWed, 30 Aug 2023 07:29:15 GMT - Tue, 28 Nov 2023 07:29:14 GMT

File type
exported SGML document, ASCII text, with very long lines (29625), with no line terminators
Size
11 kB (10915 bytes)
Hash
5c4041109f5f62fc64157c5b8aa293be
4e84642545842564c966f81557927e88b1eb6279
ef871f82f06a667cfe9a0ec8f3763bbfa168a93483f7a3ba688a8fbb621d7e9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0a1f35073c594f712b44ac459670782f/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c014c379f82949dd3d3b9ff42371a77
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js

192.243.59.20

200 OK

11 kB

URL GET HTTP/1.1
www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
Fingerprint65:91:36:B1:BC:12:0B:BF:7B:99:37:AF:FC:0A:EC:30:1B:40:DA:C8
ValidityWed, 30 Aug 2023 07:29:15 GMT - Tue, 28 Nov 2023 07:29:14 GMT

File type
exported SGML document, ASCII text, with very long lines (29631), with no line terminators
Size
11 kB (10916 bytes)
Hash
d1e67ba6c3dc3ebf1bfdbcd3570537bf
42d6b02a23325782331a755679a66a7580e4ba40
d1a0e841ea090bb0c68fb20289e8015ca3cf23d36227e9bf3ef7b3162d018194

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0a1f35073c594f712b44ac459670782f/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1ffe5847644448596a919c18c9f5851
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js

192.243.59.20

200 OK

11 kB

URL GET HTTP/1.1
www.profitabledisplaynetwork.com/0a1f35073c594f712b44ac459670782f/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
Fingerprint65:91:36:B1:BC:12:0B:BF:7B:99:37:AF:FC:0A:EC:30:1B:40:DA:C8
ValidityWed, 30 Aug 2023 07:29:15 GMT - Tue, 28 Nov 2023 07:29:14 GMT

File type
exported SGML document, ASCII text, with very long lines (29631), with no line terminators
Size
11 kB (10916 bytes)
Hash
f8eebe0e6393dd36287b243ffea18e86
3d8aba98a6d5324f67abe128eda3088c52b00d75
4062a3d277361cce84ef2c3a415e9a993c0eecbc5f3063e92cbd29918195d6f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0a1f35073c594f712b44ac459670782f/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3225e5c1161c43ce15c21831dd713fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

i2.wp.com/digitalcommons.macalester.edu/assets/md5images/7f5c7cb62aeff000b6ac3ac055fa4a3e.jpg

192.0.77.2

200 OK

286 kB

URL GET HTTP/2
i2.wp.com/digitalcommons.macalester.edu/assets/md5images/7f5c7cb62aeff000b6ac3ac055fa4a3e.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 2550x3263, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
286 kB (285950 bytes)
Hash
de8674f9216b82e69519813aab8b428e
596d6666b18af6fc1d5819e36d9fe2af6c10707b
1c8c0a8326e86859150013bd77dd7baf59f8278cef2b21590004d01fd48be23b

HTTP Headers

GET /digitalcommons.macalester.edu/assets/md5images/7f5c7cb62aeff000b6ac3ac055fa4a3e.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: image/webp
content-length: 285950
last-modified: Fri, 13 Oct 2023 11:34:37 GMT
expires: Sun, 12 Oct 2025 23:34:37 GMT
cache-control: public, max-age=63115200
link: <http://digitalcommons.macalester.edu/assets/md5images/7f5c7cb62aeff000b6ac3ac055fa4a3e.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1fb65831c515b39b"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

192.243.61.227

307 Temporary Redirect

0 B

URL GET HTTP/1.1
judicialfizzysoftball.com/watch.223956145144.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectjudicialfizzysoftball.com
FingerprintD8:F0:4C:41:5E:B8:53:DD:A9:DB:D0:B2:04:96:96:5B:BC:91:D2:91
ValidityWed, 27 Sep 2023 00:34:23 GMT - Tue, 26 Dec 2023 00:34:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.223956145144.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1 HTTP/1.1
Host: judicialfizzysoftball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://juanitazrora.pages.dev
Access-Control-Allow-Origin: https://juanitazrora.pages.dev
Access-Control-Allow-Credentials: true
Location: https://judicialfizzysoftball.com/watch.223956145144.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=d60baa7265a0c3d1735a044768f0aaf27b4e754a8bbd90829cc0f99b64bd7914389919374bc403c0959558f87a38f6c98122c493dfd867c055a9f6792615680437253fd50084d25d008f23a1d7aa2dd8324d3171711434ab810c98bd3139&pst=1697196937&rmtc=t
Set-Cookie: u_pl=16806972; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjgwNjk3MiwiayI6IjBhMWYzNTA3M2M1OTRmNzEyYjQ0YWM0NTk2NzA3ODJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzI3MTYzLCJwaWQiOjMzMDQxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFidW40cWF4NiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanVhbml0YXpyb3JhLnBhZ2VzLmRldi9qcHVhdi1tYWNhbGVzdGVyLXNwcmluZy0yMDI0LXNjaGVkdWxlLXdpY25nLyJ9fQ.P5clt2NRPwU1kCE77KwvZ0wfeyqridOZQ06WRuQb8mc; expires=Fri, 13 Oct 2023 11:35:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b88c60448e01643bd49aaf0f641eff2
Strict-Transport-Security: max-age=0; includeSubdomains

gentlynudegranny.com/sbar.json?key=c830e61dc7b13dddffbcf2286546b8d3

173.233.137.52

200 OK

3.9 kB

URL GET HTTP/1.1
gentlynudegranny.com/sbar.json?key=c830e61dc7b13dddffbcf2286546b8d3
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectgentlynudegranny.com
Fingerprint43:68:15:F3:32:79:D8:09:45:48:6E:C3:D5:AE:D9:75:DB:DD:C0:0A
ValidityWed, 27 Sep 2023 00:33:49 GMT - Tue, 26 Dec 2023 00:33:48 GMT

File type
JSON data\012- , ASCII text, with very long lines (5501), with no line terminators
Size
3.9 kB (3928 bytes)
Hash
a4322a3c6d4228e43f457b6d59152894
d7fdc6785a59e2475499f3a4ae037fbb7c555a28
3ad17d4d941302d26830f38d450ab2d71999dc1aab05cbd49588b77d05ed6a4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=c830e61dc7b13dddffbcf2286546b8d3 HTTP/1.1
Host: gentlynudegranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://juanitazrora.pages.dev
Access-Control-Allow-Origin: https://juanitazrora.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17500620; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
uncs=1; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22af5d8c29f5981709bac86c83bc81c9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/cormorant/v21/H4clBXOCl9bbnla_nHIq75u9.woff2

142.250.74.163

200 OK

32 kB

URL GET HTTP/2
fonts.gstatic.com/s/cormorant/v21/H4clBXOCl9bbnla_nHIq75u9.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32316, version 1.0\012- data
Size
32 kB (32316 bytes)
Hash
33fc15a618e8604c30ba2cb15f87cd8b
a00c23eaba48e629604be3e14d445e76ed869328
5553138957b1a7a87169ee4a2dbed5d66df20abbfcc9043e0f5cb38c19fd3eb3

HTTP Headers

GET /s/cormorant/v21/H4clBXOCl9bbnla_nHIq75u9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Oct 2023 20:48:35 GMT
expires: Fri, 11 Oct 2024 20:48:35 GMT
cache-control: public, max-age=31536000
age: 53162
last-modified: Mon, 20 Mar 2023 20:59:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/images/bg-search-white.png

188.114.96.1

200 OK

251 B

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/images/bg-search-white.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
PNG image data, 18 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size
251 B (251 bytes)
Hash
9b2812b629364a62e8c98924943c3130
f39461a0da47c24f0b38ff6a24081820c170df77
183d04fbaeb9c92514173d0de22983d8b97930cf5fbf7040c4c18a7f4312ac47

HTTP Headers

GET /wp-content/themes/blossom-feminine/images/bg-search-white.png HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/wp-content/themes/blossom-feminine/style.css?ver=6.3.1
DNT: 1
Connection: keep-alive
Cookie: ppu_main_70fcc49edd080ac52f417ceb88fa752a=1; sb_main_c830e61dc7b13dddffbcf2286546b8d3=1; sb_count_c830e61dc7b13dddffbcf2286546b8d3=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: image/png
content-length: 251
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ffb8ff952b8b162b4dd1bc3e7787eac1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI8SSPb3%2BRJOSvyPwFUjH2RtKXPYscxr0phtbNLu7mqoGn9VCA2d5SVcDSUTiyQWzVMKxf8ZM5ctWzOIahsSZ2EmbTtTdiYmejXQrR0TS0LTkgnjNSLoyOkiq1vnmA%2BjFEFPNtkEZi2G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746446d2156ae-OSL
alt-svc: h3=":443"; ma=86400

192.243.59.20

307 Temporary Redirect

0 B

URL GET HTTP/1.1
hissedassessmentmistake.com/watch.283763370792.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjecthissedassessmentmistake.com
Fingerprint3B:6D:08:D3:C3:01:89:76:E6:89:1D:DE:35:9D:BE:89:C6:C0:96:2F
ValidityWed, 27 Sep 2023 00:38:38 GMT - Tue, 26 Dec 2023 00:38:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.283763370792.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1 HTTP/1.1
Host: hissedassessmentmistake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://juanitazrora.pages.dev
Access-Control-Allow-Origin: https://juanitazrora.pages.dev
Access-Control-Allow-Credentials: true
Location: https://hissedassessmentmistake.com/watch.283763370792.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=f50eba9a012a8d40dd25bbabb44ea6603e3baaa1d93bf09645258b4f05c0b46c057fdba55e01a32a31320ad3db71155e31116ec536471049803f3371e1a4ed5df38f9f15a911b29b6202b124cbc373352532e6ff992c8f6c7c0cc19cacfd94&pst=1697196937&rmtc=t
Set-Cookie: u_pl=16806972; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjgwNjk3MiwiayI6IjBhMWYzNTA3M2M1OTRmNzEyYjQ0YWM0NTk2NzA3ODJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzI3MTYzLCJwaWQiOjMzMDQxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFidW40cWF4NiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanVhbml0YXpyb3JhLnBhZ2VzLmRldi9qcHVhdi1tYWNhbGVzdGVyLXNwcmluZy0yMDI0LXNjaGVkdWxlLXdpY25nLyJ9fQ.P5clt2NRPwU1kCE77KwvZ0wfeyqridOZQ06WRuQb8mc; expires=Fri, 13 Oct 2023 11:35:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 039a8cc58d3753c2ad811a9d6f8700f1
Strict-Transport-Security: max-age=0; includeSubdomains

gentlynudegranny.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sdVRS%2B08aC7UrRhYLwlpbKy8y8yfthF9JYI8G0qa2iuJH7a16uuTN3uHfmzUt0ESxIl8%2F%2FYPK9pEENRd2KRSbuKkKeqyyMIPgXCF3Lewk%2BPXA533e%2Bs%2FjOOfeL3eKU%2BCjoycots620potLTb%2Fx6odBcL2xptJi2Bh22x%2B3o%2BsNO3g98HtN%2F2rjbck3zWLoB74f%2BEFjRVkZm%2BFiEARNHyo77AXNnt%2BMwmawFGFo%2F89d4cFRD2JwSp6HEpPLh48iKF4jTb69Kd1mbrLX3koKTXNjMRAH76ebqSlTJHMYWw9xenDeDeOOVx7DpPszwzCDfxuZmhDvrz%2FB0oNzl2CD%2FTOjTEOmYOIKykENqWsoWoOb%2B1DimABc4PY60uThbWNLunWm0qk6IQtP%2F4YqJ2Th9xeQJo%2BWtRo27hld5MqkDsO4ghrWUP0aWXGEfPsCVHkEnn8OJX4li0%2FXkCZ7604bKFHNhleqhopraDkCdR6K6VMeithDkXlIxEmjw6NuV3SXBJWchywOunEURz3K%2FZj7rV6Igk%2FtjZBnI3A9Arc7yOwONtUItvgJbqOCEx5cPiHeuzsYiAqlJCgdQUkJSkVQ5gTloNoX2oWueii0K1hwnsPz3KrGJu%2Fv0n2T92VKdrNT8tx0L96VZ3%2FBpjxp8G7Ll%2B1A8A4LWkKIOGY8DsNueylqs65owakKyl2YjbqtJuTlj35Apibkmcvfg9EjOH0Eri6CFq%2BAluNO6INujKOuj%2B30seMbUhRautiYnFGtm0ybvstM3uQmgTAVsnwB%2BZa3q0%2FJS7OLXft0A5I%2FIecBbitktsIn6meCvn4wvmtKsnfXlI58t57lKlHbdHrNeznN5aWv35FbpbFi9aYbfXWDT4UpPHxPunyNpkKlfUe%2BWVZCSLtiLJfkx1X3gWR3CrexXNi0yNbuvLmymmRWOqdMWoOq48%2Fa4GpCLt3Yn%2F3TF%2F9gULaGLSokxdypMjV4tgOXzWvOEFg95yzzUBbV2IZsXtSKQMs5p6yC%2Bw9nc7zrHqBvPdD8PtKkwsBWGOgKVI%2FgiovjPLNP3vitNQsw7Y2Ztt4e01Z%2FebZap04asiPbvV7kRx3h%2BywSYRgsSU5bEe3RMIw7yN1EXr126x8AAAD%2F%2FwEAAP%2F%2FYeXxqHQEAAA%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
gentlynudegranny.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sdVRS%2B08aC7UrRhYLwlpbKy8y8yfthF9JYI8G0qa2iuJH7a16uuTN3uHfmzUt0ESxIl8%2F%2FYPK9pEENRd2KRSbuKkKeqyyMIPgXCF3Lewk%2BPXA533e%2Bs%2FjOOfeL3eKU%2BCjoycots620potLTb%2Fx6odBcL2xptJi2Bh22x%2B3o%2BsNO3g98HtN%2F2rjbck3zWLoB74f%2BEFjRVkZm%2BFiEARNHyo77AXNnt%2BMwmawFGFo%2F89d4cFRD2JwSp6HEpPLh48iKF4jTb69Kd1mbrLX3koKTXNjMRAH76ebqSlTJHMYWw9xenDeDeOOVx7DpPszwzCDfxuZmhDvrz%2FB0oNzl2CD%2FTOjTEOmYOIKykENqWsoWoOb%2B1DimABc4PY60uThbWNLunWm0qk6IQtP%2F4YqJ2Th9xeQJo%2BWtRo27hld5MqkDsO4ghrWUP0aWXGEfPsCVHkEnn8OJX4li0%2FXkCZ7604bKFHNhleqhopraDkCdR6K6VMeithDkXlIxEmjw6NuV3SXBJWchywOunEURz3K%2FZj7rV6Igk%2FtjZBnI3A9Arc7yOwONtUItvgJbqOCEx5cPiHeuzsYiAqlJCgdQUkJSkVQ5gTloNoX2oWueii0K1hwnsPz3KrGJu%2Fv0n2T92VKdrNT8tx0L96VZ3%2FBpjxp8G7Ll%2B1A8A4LWkKIOGY8DsNueylqs65owakKyl2YjbqtJuTlj35Apibkmcvfg9EjOH0Eri6CFq%2BAluNO6INujKOuj%2B30seMbUhRautiYnFGtm0ybvstM3uQmgTAVsnwB%2BZa3q0%2FJS7OLXft0A5I%2FIecBbitktsIn6meCvn4wvmtKsnfXlI58t57lKlHbdHrNeznN5aWv35FbpbFi9aYbfXWDT4UpPHxPunyNpkKlfUe%2BWVZCSLtiLJfkx1X3gWR3CrexXNi0yNbuvLmymmRWOqdMWoOq48%2Fa4GpCLt3Yn%2F3TF%2F9gULaGLSokxdypMjV4tgOXzWvOEFg95yzzUBbV2IZsXtSKQMs5p6yC%2Bw9nc7zrHqBvPdD8PtKkwsBWGOgKVI%2FgiovjPLNP3vitNQsw7Y2Ztt4e01Z%2FebZap04asiPbvV7kRx3h%2BywSYRgsSU5bEe3RMIw7yN1EXr126x8AAAD%2F%2FwEAAP%2F%2FYeXxqHQEAAA%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectgentlynudegranny.com
Fingerprint43:68:15:F3:32:79:D8:09:45:48:6E:C3:D5:AE:D9:75:DB:DD:C0:0A
ValidityWed, 27 Sep 2023 00:33:49 GMT - Tue, 26 Dec 2023 00:33:48 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2sdVRS%2B08aC7UrRhYLwlpbKy8y8yfthF9JYI8G0qa2iuJH7a16uuTN3uHfmzUt0ESxIl8%2F%2FYPK9pEENRd2KRSbuKkKeqyyMIPgXCF3Lewk%2BPXA533e%2Bs%2FjOOfeL3eKU%2BCjoycots620potLTb%2Fx6odBcL2xptJi2Bh22x%2B3o%2BsNO3g98HtN%2F2rjbck3zWLoB74f%2BEFjRVkZm%2BFiEARNHyo77AXNnt%2BMwmawFGFo%2F89d4cFRD2JwSp6HEpPLh48iKF4jTb69Kd1mbrLX3koKTXNjMRAH76ebqSlTJHMYWw9xenDeDeOOVx7DpPszwzCDfxuZmhDvrz%2FB0oNzl2CD%2FTOjTEOmYOIKykENqWsoWoOb%2B1DimABc4PY60uThbWNLunWm0qk6IQtP%2F4YqJ2Th9xeQJo%2BWtRo27hld5MqkDsO4ghrWUP0aWXGEfPsCVHkEnn8OJX4li0%2FXkCZ7604bKFHNhleqhopraDkCdR6K6VMeithDkXlIxEmjw6NuV3SXBJWchywOunEURz3K%2FZj7rV6Igk%2FtjZBnI3A9Arc7yOwONtUItvgJbqOCEx5cPiHeuzsYiAqlJCgdQUkJSkVQ5gTloNoX2oWueii0K1hwnsPz3KrGJu%2Fv0n2T92VKdrNT8tx0L96VZ3%2FBpjxp8G7Ll%2B1A8A4LWkKIOGY8DsNueylqs65owakKyl2YjbqtJuTlj35Apibkmcvfg9EjOH0Eri6CFq%2BAluNO6INujKOuj%2B30seMbUhRautiYnFGtm0ybvstM3uQmgTAVsnwB%2BZa3q0%2FJS7OLXft0A5I%2FIecBbitktsIn6meCvn4wvmtKsnfXlI58t57lKlHbdHrNeznN5aWv35FbpbFi9aYbfXWDT4UpPHxPunyNpkKlfUe%2BWVZCSLtiLJfkx1X3gWR3CrexXNi0yNbuvLmymmRWOqdMWoOq48%2Fa4GpCLt3Yn%2F3TF%2F9gULaGLSokxdypMjV4tgOXzWvOEFg95yzzUBbV2IZsXtSKQMs5p6yC%2Bw9nc7zrHqBvPdD8PtKkwsBWGOgKVI%2FgiovjPLNP3vitNQsw7Y2Ztt4e01Z%2FebZap04asiPbvV7kRx3h%2BywSYRgsSU5bEe3RMIw7yN1EXr126x8AAAD%2F%2FwEAAP%2F%2FYeXxqHQEAAA%3D HTTP/1.1
Host: gentlynudegranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17500620; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5422e6c3315ec72f95f8ff108cf1e7d8
Strict-Transport-Security: max-age=0; includeSubdomains

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.1

188.114.96.1

200 OK

31 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (6221)
Size
31 kB (31191 bytes)
Hash
d760abc3f6f9c23ecddac57acf0c6699
45ad8c490e828c7502f6ff72331c768639612d72
3901377847620c1d5817d11fd4b6d93c0a5a393ec7939ad6fc06b036581bdc38

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/modal-accessibility.min.js?ver=1.1.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d9be6775cb868fc6dab8f7be2fce2d52"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUXtdgeoEa%2FnWgo83%2Bx5BTBAOgZr6L0E%2BvDe7O30yMKWIsiJ7eBwCineS1NpmDjnknx1Y1LMrJM4fNqlUDnc%2BBFA0hDzZlR5beqjTIlR8g2WnRiv421M3ON7WvlrgJbBeV%2BbYLpw37DV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634ece156ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

192.243.59.20

307 Temporary Redirect

0 B

URL GET HTTP/1.1
reliablemiraculouscaleb.com/watch.532201478136.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectreliablemiraculouscaleb.com
FingerprintB0:CB:B2:A8:72:53:1B:CF:E0:77:F1:45:F2:12:5A:26:1F:A2:04:41
ValidityTue, 10 Oct 2023 08:24:28 GMT - Mon, 08 Jan 2024 08:24:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.532201478136.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1 HTTP/1.1
Host: reliablemiraculouscaleb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://juanitazrora.pages.dev
Access-Control-Allow-Origin: https://juanitazrora.pages.dev
Access-Control-Allow-Credentials: true
Location: https://reliablemiraculouscaleb.com/watch.532201478136.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=91a0c81194e22fee7d18255a3030f530af18bb7c2defacf22a05861e007f04d84a0b31fc603ff7c69ad95a17f85e6fb2c091061c862e2afccce2d5708dc2fe2093f75e796d74861a60aa3a35183974f93bbc2137219d8db2bb3bb18a2fb351&pst=1697196937&rmtc=t
Set-Cookie: u_pl=16806972; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjgwNjk3MiwiayI6IjBhMWYzNTA3M2M1OTRmNzEyYjQ0YWM0NTk2NzA3ODJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzI3MTYzLCJwaWQiOjMzMDQxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFidW40cWF4NiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanVhbml0YXpyb3JhLnBhZ2VzLmRldi9qcHVhdi1tYWNhbGVzdGVyLXNwcmluZy0yMDI0LXNjaGVkdWxlLXdpY25nLyJ9fQ.P5clt2NRPwU1kCE77KwvZ0wfeyqridOZQ06WRuQb8mc; expires=Fri, 13 Oct 2023 11:35:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af5c8f1c25cdd8abff6a3418b9eebac1
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/img/update-icon.png

172.64.102.10

200 OK

35 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/img/update-icon.png
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (34598 bytes)
Hash
b9c521672928c7785b30728c7d52a37f
cc61c72fd799b55d2a253d8f68f8b1c7eeb6b5cc
1937ab36e5de81103171a30582d0d2174c5fccaed5a0f831ae7ceb07833ab8b0

HTTP Headers

GET /sb/notifications/vpn/default/us/yan-center/white-icon/1/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: image/png
content-length: 34598
last-modified: Fri, 11 Jun 2021 13:55:06 GMT
etag: "60c36b3a-8726"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1459396
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2Bo87Qj2Cn1BqPJkcWprhagMaVGQC0Ytwo6dR%2FYKWHfe7ii2BnTzOzvSvC7OiTFtqDHGBry17bL%2BFVhpRzbgGD6OQoHjL7VkyntvTPHBPJa4zF9NSRuWJ9Q0WfaMiuYrRTUcKR1GVNuG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746470bd106cd-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

172.67.196.166

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
172.67.196.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint77:2B:76:51:D0:51:70:02:2E:BF:B7:9B:02:8B:5A:A4:91:FA:0B:9E
ValidityMon, 11 Sep 2023 08:34:11 GMT - Sun, 10 Dec 2023 08:34:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 719d9657887d80dd4d96cb8142e3fd98
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 13 Oct 2023 11:34:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0EBvR6WVMl5j4v9yWzUC6Cw9z%2FavY%2F%2BcyI%2BEPjDbywYUDNDrmYw7DAqembMgd8nIA8qNxzmGyV2hf9wAcyY1IwsCQ2JiXOaP68WMg52oMHxGnfleyPK8JK%2FrgsUMdGaj0ZPHVFNL06heoM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746461953569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

reliablemiraculouscaleb.com/watch.532201478136.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=91a0c81194e22fee7d18255a3030f530af18bb7c2defacf22a05861e007f04d84a0b31fc603ff7c69ad95a17f85e6fb2c091061c862e2afccce2d5708dc2fe2093f75e796d74861a60aa3a35183974f93bbc2137219d8db2bb3bb18a2fb351&pst=1697196937&rmtc=t

192.243.59.20

200 OK

2.0 kB

URL GET HTTP/1.1
reliablemiraculouscaleb.com/watch.532201478136.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=91a0c81194e22fee7d18255a3030f530af18bb7c2defacf22a05861e007f04d84a0b31fc603ff7c69ad95a17f85e6fb2c091061c862e2afccce2d5708dc2fe2093f75e796d74861a60aa3a35183974f93bbc2137219d8db2bb3bb18a2fb351&pst=1697196937&rmtc=t
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectreliablemiraculouscaleb.com
FingerprintB0:CB:B2:A8:72:53:1B:CF:E0:77:F1:45:F2:12:5A:26:1F:A2:04:41
ValidityTue, 10 Oct 2023 08:24:28 GMT - Mon, 08 Jan 2024 08:24:27 GMT

File type
HTML document, ASCII text, with very long lines (2455)
Size
2.0 kB (1997 bytes)
Hash
0d1052eaa01e85a27fe540b257fc9d1e
b612df9a52d96275202be7a0da79566d86aa5647
8e69a5d519ab9c586033c02627093af71054d577b80d5d7e2f16d77a61415280

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.532201478136.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=91a0c81194e22fee7d18255a3030f530af18bb7c2defacf22a05861e007f04d84a0b31fc603ff7c69ad95a17f85e6fb2c091061c862e2afccce2d5708dc2fe2093f75e796d74861a60aa3a35183974f93bbc2137219d8db2bb3bb18a2fb351&pst=1697196937&rmtc=t HTTP/1.1
Host: reliablemiraculouscaleb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://juanitazrora.pages.dev
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16806972; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjgwNjk3MiwiayI6IjBhMWYzNTA3M2M1OTRmNzEyYjQ0YWM0NTk2NzA3ODJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzI3MTYzLCJwaWQiOjMzMDQxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFidW40cWF4NiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanVhbml0YXpyb3JhLnBhZ2VzLmRldi9qcHVhdi1tYWNhbGVzdGVyLXNwcmluZy0yMDI0LXNjaGVkdWxlLXdpY25nLyJ9fQ.P5clt2NRPwU1kCE77KwvZ0wfeyqridOZQ06WRuQb8mc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://juanitazrora.pages.dev
Access-Control-Allow-Origin: https://juanitazrora.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3894483c-7212-4528-aec4-28a04d820195:2:1; expires=Fri, 20 Oct 2023 11:34:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
uncs=1; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da434088f906064db05a7fdd9f420920
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hissedassessmentmistake.com/watch.283763370792.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=f50eba9a012a8d40dd25bbabb44ea6603e3baaa1d93bf09645258b4f05c0b46c057fdba55e01a32a31320ad3db71155e31116ec536471049803f3371e1a4ed5df38f9f15a911b29b6202b124cbc373352532e6ff992c8f6c7c0cc19cacfd94&pst=1697196937&rmtc=t

192.243.59.20

200 OK

2.1 kB

URL GET HTTP/1.1
hissedassessmentmistake.com/watch.283763370792.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=f50eba9a012a8d40dd25bbabb44ea6603e3baaa1d93bf09645258b4f05c0b46c057fdba55e01a32a31320ad3db71155e31116ec536471049803f3371e1a4ed5df38f9f15a911b29b6202b124cbc373352532e6ff992c8f6c7c0cc19cacfd94&pst=1697196937&rmtc=t
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjecthissedassessmentmistake.com
Fingerprint3B:6D:08:D3:C3:01:89:76:E6:89:1D:DE:35:9D:BE:89:C6:C0:96:2F
ValidityWed, 27 Sep 2023 00:38:38 GMT - Tue, 26 Dec 2023 00:38:37 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2640)
Size
2.1 kB (2105 bytes)
Hash
71c6f78cd3891d7c5a3e6d61ee20b645
12770fc70237f630e882cbbc649d4b7d91d68d86
865c8841c8c2a02ff3bc4d7868795efd089f0b4c59471e8090bc026ab1e1b9dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.283763370792.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=f50eba9a012a8d40dd25bbabb44ea6603e3baaa1d93bf09645258b4f05c0b46c057fdba55e01a32a31320ad3db71155e31116ec536471049803f3371e1a4ed5df38f9f15a911b29b6202b124cbc373352532e6ff992c8f6c7c0cc19cacfd94&pst=1697196937&rmtc=t HTTP/1.1
Host: hissedassessmentmistake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://juanitazrora.pages.dev
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16806972; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjgwNjk3MiwiayI6IjBhMWYzNTA3M2M1OTRmNzEyYjQ0YWM0NTk2NzA3ODJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzI3MTYzLCJwaWQiOjMzMDQxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFidW40cWF4NiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanVhbml0YXpyb3JhLnBhZ2VzLmRldi9qcHVhdi1tYWNhbGVzdGVyLXNwcmluZy0yMDI0LXNjaGVkdWxlLXdpY25nLyJ9fQ.P5clt2NRPwU1kCE77KwvZ0wfeyqridOZQ06WRuQb8mc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://juanitazrora.pages.dev
Access-Control-Allow-Origin: https://juanitazrora.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3894483c-7212-4528-aec4-28a04d820195:2:1; expires=Fri, 20 Oct 2023 11:34:37 GMT; secure; SameSite=None
iprc5d3f5cf780dcf519fba10b4f5153dbaf=3569806; expires=Fri, 13 Oct 2023 15:34:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 14 Oct 2023 11:34:38 GMT; secure; SameSite=None
uncs=1; expires=Sat, 14 Oct 2023 11:34:38 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 14 Oct 2023 11:34:38 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 14 Oct 2023 11:34:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c8092517f4e261afb28b39ba9e8589a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT

142.250.74.78

200 OK

2.3 kB

URL GET HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 276x183, components 3\012- data
Size
2.3 kB (2347 bytes)
Hash
9bef96c7479adb40f793c7b0f4f2c33d
aff2b02e9af3e14faa9d22677eda1e2e6bd481cc
fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9

HTTP Headers

GET /images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 2347
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Oct 2023 12:08:41 GMT
expires: Fri, 11 Oct 2024 12:08:41 GMT
cache-control: public, max-age=31536000
age: 84357
last-modified: Tue, 22 Dec 2015 19:19:47 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.10

200 OK

144 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sun, 15 Oct 2023 11:34:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/c9/11/c0/c911c0a120ad25a0b0f51d2b42804521/1627915999.png

45.133.44.10

200 OK

96 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/c9/11/c0/c911c0a120ad25a0b0f51d2b42804521/1627915999.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Size
96 kB (96103 bytes)
Hash
0ba904126a4592e4866c657f761ddc25
6b40223686b8ce5bf58ec0375a09de7c0c3bec7a
f0e24a117d128140b403f57dc94cf263cf5e6ed39c757f7e0f39988cb32bc00b

HTTP Headers

GET /cti/c9/11/c0/c911c0a120ad25a0b0f51d2b42804521/1627915999.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: image/png
content-length: 96103
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 14:53:29 GMT
etag: "610806e9-17767"
expires: Sun, 15 Oct 2023 11:34:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.10

200 OK

144 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sun, 15 Oct 2023 11:34:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

gentlynudegranny.com/pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fcss%2Fstyle.css&l=3029&fd=377

173.233.137.52

200 OK

0 B

URL GET HTTP/1.1
gentlynudegranny.com/pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fcss%2Fstyle.css&l=3029&fd=377
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectgentlynudegranny.com
Fingerprint43:68:15:F3:32:79:D8:09:45:48:6E:C3:D5:AE:D9:75:DB:DD:C0:0A
ValidityWed, 27 Sep 2023 00:33:49 GMT - Tue, 26 Dec 2023 00:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fcss%2Fstyle.css&l=3029&fd=377 HTTP/1.1
Host: gentlynudegranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17500620; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Oct 2023 16:00:01 GMT
expires: Sun, 06 Oct 2024 16:00:01 GMT
cache-control: public, max-age=31536000
age: 502477
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Oct 2023 15:57:46 GMT
expires: Sun, 06 Oct 2024 15:57:46 GMT
cache-control: public, max-age=31536000
age: 502612
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

gentlynudegranny.com/pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fcss%2Fanimate.css&l=79245&fd=384

173.233.137.52

200 OK

0 B

URL GET HTTP/1.1
gentlynudegranny.com/pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fcss%2Fanimate.css&l=79245&fd=384
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectgentlynudegranny.com
Fingerprint43:68:15:F3:32:79:D8:09:45:48:6E:C3:D5:AE:D9:75:DB:DD:C0:0A
ValidityWed, 27 Sep 2023 00:33:49 GMT - Tue, 26 Dec 2023 00:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fcss%2Fanimate.css&l=79245&fd=384 HTTP/1.1
Host: gentlynudegranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17500620; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

i2.wp.com/www.iahsaa.org/wp-content/uploads/2023/04/UNI-Dome-Wide-4.13.23.jpg

192.0.77.2

403 Forbidden

65 B

URL GET HTTP/2
i2.wp.com/www.iahsaa.org/wp-content/uploads/2023/04/UNI-Dome-Wide-4.13.23.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
e7e8c3a0c8af5f8ff44eb089eb34a8c1
c17601bef241c041e3ec3ee6bca08f769713d03c
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

HTTP Headers

GET /www.iahsaa.org/wp-content/uploads/2023/04/UNI-Dome-Wide-4.13.23.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 1
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/js/script.js

172.64.102.10

200 OK

230 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/js/script.js
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT

File type
ASCII text
Size
230 B (230 bytes)
Hash
2e3e41be2a52ccafdf2b21d516e16123
0f54443a9d3b6dc5448c5a5ed8cfa0923bb0d8a2
4dd8f6f813457308f2d290b63a8f577b6cfae3db7e1290ecf4a6b628feb1d905

HTTP Headers

GET /sb/notifications/vpn/default/us/yan-center/white-icon/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: application/javascript
last-modified: Tue, 08 Jun 2021 09:00:47 GMT
etag: W/"60bf31bf-1cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK%2Bd9371VyyzIuOYwdtUhBYiKU2%2FKpUsjybh22m4uvLo1JDJ7yax1M3AXGDv2dfVeCXpUNfqzt%2FYqpl2KTA8Gh%2BeR8Oan9skbPaavIrpUccaBBgjpWvN0Vrsyz3Rw1xmDFnY62mMvTql"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574646dba806cd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

188.114.96.1

200 OK

5.1 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (13479)
Size
5.1 kB (5056 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ff416357a541c2641e2808b797569af3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BljRDzSQIoNCRA3l784B7S28B%2FAJgWEzb%2BGGHSQ8%2BxnpcS4LHJy5jGeT%2Fx7837J4X920EVrFN1V0e%2FyHQwMPT2nhlJzX3UG3rjf4PpSurPmGlL1haBc1d7uNi5%2B4tvgyB3P60HeKJYg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746341bdd56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unseenreport.com/pxf.gif?uuid=3894483c-7212-4528-aec4-28a04d820195&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=70fcc49edd080ac52f417ceb88fa752a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=3894483c-7212-4528-aec4-28a04d820195&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=70fcc49edd080ac52f417ceb88fa752a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3894483c-7212-4528-aec4-28a04d820195&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=70fcc49edd080ac52f417ceb88fa752a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:39 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0e00441fc335d11c542cb9d87331e997
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=3894483c-7212-4528-aec4-28a04d820195&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c830e61dc7b13dddffbcf2286546b8d3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=3894483c-7212-4528-aec4-28a04d820195&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c830e61dc7b13dddffbcf2286546b8d3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3894483c-7212-4528-aec4-28a04d820195&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=c830e61dc7b13dddffbcf2286546b8d3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:39 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b0ff8f5cc16c61d5c6947c9d4dabb10
Strict-Transport-Security: max-age=0; includeSubdomains

i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2020/05/20200304_mac_952.jpg

192.0.77.2

400 Bad Request

0 B

URL GET HTTP/2
i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2020/05/20200304_mac_952.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /www.macalester.edu/news/wp-content/uploads/sites/5/2020/05/20200304_mac_952.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2

i2.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10159331945170828

192.0.77.2

404 Not Found

0 B

URL GET HTTP/2
i2.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10159331945170828
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10159331945170828 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 7
X-Firefox-Spdy: h2

judicialfizzysoftball.com/watch.223956145144.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=d60baa7265a0c3d1735a044768f0aaf27b4e754a8bbd90829cc0f99b64bd7914389919374bc403c0959558f87a38f6c98122c493dfd867c055a9f6792615680437253fd50084d25d008f23a1d7aa2dd8324d3171711434ab810c98bd3139&pst=1697196937&rmtc=t

192.243.61.227

200 OK

3.5 kB

URL GET HTTP/1.1
judicialfizzysoftball.com/watch.223956145144.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=d60baa7265a0c3d1735a044768f0aaf27b4e754a8bbd90829cc0f99b64bd7914389919374bc403c0959558f87a38f6c98122c493dfd867c055a9f6792615680437253fd50084d25d008f23a1d7aa2dd8324d3171711434ab810c98bd3139&pst=1697196937&rmtc=t
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectjudicialfizzysoftball.com
FingerprintD8:F0:4C:41:5E:B8:53:DD:A9:DB:D0:B2:04:96:96:5B:BC:91:D2:91
ValidityWed, 27 Sep 2023 00:34:23 GMT - Tue, 26 Dec 2023 00:34:22 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3518), with no line terminators
Size
3.5 kB (3490 bytes)
Hash
1f7b6e043ff04e65080b36d8c92a3a4e
f17d7967171c66941fd3cfef44783ed5ae3295f0
7c7f931d025e8b6134b21cf313a19378771663d1af3e13cc16bee1a9de65079c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.223956145144.js?key=0a1f35073c594f712b44ac459670782f&kw=%5B%22macalester%22%2C%22spring%22%2C%222024%22%2C%22schedule%22%2C%22-%22%2C%22byu%22%2C%22football%22%2C%22schedule%22%2C%222024%22%5D&refer=https%3A%2F%2Fjuanitazrora.pages.dev%2Fjpuav-macalester-spring-2024-schedule-wicng%2F&tz=0&dev=e&res=14.2079&uuid=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1&shu=d60baa7265a0c3d1735a044768f0aaf27b4e754a8bbd90829cc0f99b64bd7914389919374bc403c0959558f87a38f6c98122c493dfd867c055a9f6792615680437253fd50084d25d008f23a1d7aa2dd8324d3171711434ab810c98bd3139&pst=1697196937&rmtc=t HTTP/1.1
Host: judicialfizzysoftball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://juanitazrora.pages.dev
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16806972; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjgwNjk3MiwiayI6IjBhMWYzNTA3M2M1OTRmNzEyYjQ0YWM0NTk2NzA3ODJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzI3MTYzLCJwaWQiOjMzMDQxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InFidW40cWF4NiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzkwODg5NDgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTI0Mzg2LCJibiI6IkZpcmVmb3giLCJidiI6IjExMS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanVhbml0YXpyb3JhLnBhZ2VzLmRldi9qcHVhdi1tYWNhbGVzdGVyLXNwcmluZy0yMDI0LXNjaGVkdWxlLXdpY25nLyJ9fQ.P5clt2NRPwU1kCE77KwvZ0wfeyqridOZQ06WRuQb8mc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://juanitazrora.pages.dev
Access-Control-Allow-Origin: https://juanitazrora.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3894483c-7212-4528-aec4-28a04d820195:2:1; expires=Fri, 20 Oct 2023 11:34:37 GMT; secure; SameSite=None
iprce7c80d1107a4793985a6573dae8c659f=3569806; expires=Fri, 13 Oct 2023 15:34:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
uncs=1; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 14 Oct 2023 11:34:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09e57a9f089935faaedc39b68a9d12e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

friendshipmale.com/sfp.js

104.21.234.32

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f6294c6ff72674c2aedf0fd14fbfd07e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 13 Oct 2023 11:34:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrmY6LGIyyFqX0YSEUNobQSeZnBrSwAbSLqrFxl9ILecXlqcLZ7x42Uv7IW2L%2F%2FXcfrolwiyJ5wltXn4DkREjaVeL55usHH2knNHRZlS80DXYNU3%2FtCRhYZAgveoFsPF1LWLKng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8157463e88d224db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i2.wp.com/www.macalester.edu/isp/wp-content/uploads/sites/95/2018/08/2018-PO4IS-Schedule-Two.jpg

192.0.77.2

404 Not Found

0 B

URL GET HTTP/2
i2.wp.com/www.macalester.edu/isp/wp-content/uploads/sites/95/2018/08/2018-PO4IS-Schedule-Two.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /www.macalester.edu/isp/wp-content/uploads/sites/95/2018/08/2018-PO4IS-Schedule-Two.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 2
X-Firefox-Spdy: h2

rabblespidersrenaissance.com/pixel/purst?dl=0&th=0&sc=0&rs=2111&rd=2111&fd=1586&bv=23.10.v.1&tmpl=70

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
rabblespidersrenaissance.com/pixel/purst?dl=0&th=0&sc=0&rs=2111&rd=2111&fd=1586&bv=23.10.v.1&tmpl=70
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectrabblespidersrenaissance.com
Fingerprint73:4E:26:17:C1:CF:AC:01:11:05:12:E6:14:6C:C3:91:DE:DB:06:DE
ValidityWed, 27 Sep 2023 00:59:44 GMT - Tue, 26 Dec 2023 00:59:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2111&rd=2111&fd=1586&bv=23.10.v.1&tmpl=70 HTTP/1.1
Host: rabblespidersrenaissance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:36 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

juanitazrora.pages.dev/favicon.ico

188.114.96.1

200 OK

66 kB

URL GET HTTP/3
juanitazrora.pages.dev/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type

Size
66 kB (65802 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Cookie: ppu_main_70fcc49edd080ac52f417ceb88fa752a=1; sb_main_c830e61dc7b13dddffbcf2286546b8d3=1; sb_count_c830e61dc7b13dddffbcf2286546b8d3=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=3894483c-7212-4528-aec4-28a04d820195%3A2%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=gentlynudegranny.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ad3fd5de89b43e35ffa3cef44e798b82"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBp9AzFwrLdJtTibyeAoKX%2BiVqYoNBPOkwFvJwrCSHBvmsI8PYkgB5bk7V0KBWgwU%2BlxoMRFdBJ5DXA0LbVSNMJDt8qcokhgMJmwifrwnTRHrSeb0hRtsK9p18QdgW96Mvp2z9Y8RjqE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574648895756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/

188.114.96.1

200 OK

81 kB

URL User Request GET HTTP/2
juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type

Size
81 kB (81045 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jpuav-macalester-spring-2024-schedule-wicng/ HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e7915b6e390c61cc3d66435e894bcd48"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7PPmc8QdP01OoLpjYTzgNr5N%2FfqpsKoA3sf5hJjvZdHxWMr4%2Frj28WFV5lH4HbSNaY8WXQfZlLf7LDNMtN2OQMkfG0Xs78jm4xet7fuJBu0kMU%2Fu9FWAzoZoZou43mkCcYUKX3OyaC0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8157462fbaaab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i2.wp.com/www.macalester.edu/about/wp-content/uploads/sites/191/2020/02/visit-macalester-spring-hero-1920x0-c-default.jpg

192.0.77.2

403 Forbidden

0 B

URL GET HTTP/2
i2.wp.com/www.macalester.edu/about/wp-content/uploads/sites/191/2020/02/visit-macalester-spring-hero-1920x0-c-default.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /www.macalester.edu/about/wp-content/uploads/sites/191/2020/02/visit-macalester-spring-hero-1920x0-c-default.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
server: nginx
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-chic/js/custom.js?ver=1.1.1

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-chic/js/custom.js?ver=1.1.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (1094), with no line terminators
Size
1.0 kB (1048 bytes)
Hash
ae24081b06bbbd82ea9e8cffacf5317f
c3fbed97039886d6ca68401082b6f94790118e95
31b4733468b4505f378e113c8396af9cf49c0146bfcc3b8124592fdce5a41fdb

HTTP Headers

GET /wp-content/themes/blossom-chic/js/custom.js?ver=1.1.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bec3f5b3a76bdc705f52ec59c0155a03"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sC9oMb84Bjcp0Whgv2KREKEeUmD23ZS5RVBuc3rafh3eDHgE5q5Xd8T%2F%2FpMjT5S2fcSPB1JB8Ba9hE9gJvn0kWUOCy8feTqYCTei8NsJ%2F74lyvYQQMnNUyiThC3C2u13u6TsDhnT%2Frxm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634bcba56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/css/style.css

172.64.102.10

200 OK

3.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/css/style.css
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT

File type
ASCII text, with very long lines (3217), with no line terminators
Size
3.0 kB (3029 bytes)
Hash
e721f13c34a28c935d15cb86025ab6a1
ebe63c8c18da2ada707dccd3a9d1e27582750e32
fd8ac12fcadfc0da8c4659cf5bf9c383ab3dd362817486ee42068399740f524e

HTTP Headers

GET /sb/notifications/vpn/default/us/yan-center/white-icon/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: text/css
last-modified: Fri, 11 Jun 2021 13:55:06 GMT
etag: W/"60c36b3a-bd5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCD35bm8HzDrY1CqlwRUi%2FgbVHYOTazdJ6ufpiAHzgMA6XeSmda0%2FA6M7%2B8H7U0O3OvfF5bq0%2Bb%2B361GavrfLYn%2FzcN9Q1pAxsP1qrguZQT1iIfKb215jk%2BhvALaMiiTsg7aPKAn6Zmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574646dbb206cd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1

188.114.96.1

200 OK

104 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type

Size
104 kB (104484 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.3.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5dca238fed54e896000b2a0195fc50de"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CgDdjRJO%2F9l%2F6fJ6vnv9wLNSAi2jPjZZh3qOXrXyRAr259QFpTQktrqD2ZQJppCa8pUqsMF4%2BaSG7R%2FP16jGMeE5%2BJeHOYLN0hmeQHdXJkAhBLcxE%2B%2BQ0sdFeHK0DEzcrzVRXblVanb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746340bbb56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i2.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10159331945170828

192.0.77.2

404 Not Found

0 B

URL GET HTTP/2
i2.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10159331945170828
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10159331945170828 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/html; charset=utf-8
x-nc: EXPIRED arn 7
X-Firefox-Spdy: h2

i2.wp.com/www.macalester.edu/about/wp-content/uploads/sites/191/2020/02/visit-macalester-spring-hero-1920x0-c-default.jpg

192.0.77.2

403 Forbidden

0 B

URL GET HTTP/2
i2.wp.com/www.macalester.edu/about/wp-content/uploads/sites/191/2020/02/visit-macalester-spring-hero-1920x0-c-default.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /www.macalester.edu/about/wp-content/uploads/sites/191/2020/02/visit-macalester-spring-hero-1920x0-c-default.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3

188.114.96.1

200 OK

8.4 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (8515), with no line terminators
Size
8.4 kB (8415 bytes)
Hash
da4ec6a3e988677b1eff06cb90e95927
4083d1ec23a24f9f0eeb025501b9806b567249aa
85a9285b248eb56c2268288cfcea3ea7806c912ebb82d256fcd7c4e5b7e9c740

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/wow.min.js?ver=1.1.3 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"80eea1e735ae27d60626198e6bea599f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULuSvLKt37xvYX%2BK%2BRysBZ9Byn5QX5FYPDBBlZoQxZQX9n4XrxGgcsOCEP0%2FyDGnfdwMzONIFC3kVmPSyIfb0LDP04qKYykJcepX4EMj6RmqaYTozssyJv5OZRx33qBvAuXHjSQDJbCg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634dcdc56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i2.wp.com/www.macalester.edu/isp/wp-content/uploads/sites/95/2018/08/2018-PO4IS-Schedule-Two.jpg

192.0.77.2

404 Not Found

0 B

URL GET HTTP/2
i2.wp.com/www.macalester.edu/isp/wp-content/uploads/sites/95/2018/08/2018-PO4IS-Schedule-Two.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /www.macalester.edu/isp/wp-content/uploads/sites/95/2018/08/2018-PO4IS-Schedule-Two.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2

gentlynudegranny.com/pixel/sbs?c=1

173.233.137.52

200 OK

0 B

URL GET HTTP/1.1
gentlynudegranny.com/pixel/sbs?c=1
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectgentlynudegranny.com
Fingerprint43:68:15:F3:32:79:D8:09:45:48:6E:C3:D5:AE:D9:75:DB:DD:C0:0A
ValidityWed, 27 Sep 2023 00:33:49 GMT - Tue, 26 Dec 2023 00:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: gentlynudegranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17500620; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 13 Oct 2023 11:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

gentlynudegranny.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRS%2Br60F25WiCwVhlpbK5L35lRe7kNYaCaZNbRXFjdxfb3LNfe8%2B7n133iS6CBaky%2FE%2FePkmaVBDUbdikRd3FSHjKgsjCP4FQtcyk%2BDogcv5vvOdxXfOuV%2Fs%2BBMSwtPj5VtmS2lNF7rNsPHqh1F0rbGqMj9sDOPex73OtYYdvB6FS83wSuNtyTfMQiuMwjAKo8aysjIxw4UoipohVH6wFDWXwman1Yy6HQzt%2F7nzARwNIAYn5HkoMbl08KgDxWtk6bc3pdsoTP7aW6nXtDAWA7H%2FfraRmTJDOoeJDZBk%2B2fdMO5o%2BTFMtjczDDP4t5GpCQn%2B%2BhMs2z9zCTbYOzXKNGQGJi6jHNSQuoaiNbi5DyWOCMAFbq8hSx%2FeNrakm6cqnaoTcuHp31DlhFz4%2FQVk6aMbWg0b94z2hTKZwzCpoIY1VL9G7g9RbJ2DKg%2FBi8%2BhxK9k4ekqsnR3zWkDJarZ8ErVUEkNLUegLoCfPhXAJwF8HiAVx41F3oljEXcFlZy3WBLFSSfpLFEeJjxsL7Xg%2BdTeCEU%2BAtcjcLuN3G5jQ41g%2FU9w6xWcCOCKCQne3cZAVCglQekISkpQKoKyICgH1Z7QruWqh0I7z6Kz3DrL7Wpsiv4O3TNFX2ZkJz8hz033Elx%2B9hdsyOMGj9uh7EWCL7KoLYRIEsaTVivudTs9Fos2nKqg3LnZqFtqQl7%2B6AfkakKeufQ9GD2E04fg6jyofwW0HC%2B2QtD1cScOsZU9dnxdCq%2BlS4wpGNW6ybTpu9wUTW5SCFMhLy6g2Ax29Al5aXaxq5%2BuQ%2FIn5CzAbYXcVvhE%2FUzQ1w%2FGd01Jdu%2Ba0pHv1vJCpWqLTq95r6CFvPj1O3KzNFas3HSjr67zqTCFB%2B9JV6zSTKis78g3N5QQ0i4byyX5ccV9INkd79ZveJv5fPXOm8sraW6lc8pkNag6%2BqwHribk4vW92T998Q8GZWtYXyH1c6fK1OD5Nlw%2BrzlDYPWcszxA6auxbbF5USsCLeecsgruP5zN8Y57gL4NQIv7yNIKA1thoCtQPYLz58dFbp%2B88Vt7FmA6GDNtg12mrf7ydLVOHTc4DyWN2GIkpZDdNuedHo9ZL2l3FmXcFV0UbiKvXL31DwAAAP%2F%2FAQAA%2F%2F%2Bewlm4dAQAAA%3D%3D

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
gentlynudegranny.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRS%2Br60F25WiCwVhlpbK5L35lRe7kNYaCaZNbRXFjdxfb3LNfe8%2B7n133iS6CBaky%2FE%2FePkmaVBDUbdikRd3FSHjKgsjCP4FQtcyk%2BDogcv5vvOdxXfOuV%2Fs%2BBMSwtPj5VtmS2lNF7rNsPHqh1F0rbGqMj9sDOPex73OtYYdvB6FS83wSuNtyTfMQiuMwjAKo8aysjIxw4UoipohVH6wFDWXwman1Yy6HQzt%2F7nzARwNIAYn5HkoMbl08KgDxWtk6bc3pdsoTP7aW6nXtDAWA7H%2FfraRmTJDOoeJDZBk%2B2fdMO5o%2BTFMtjczDDP4t5GpCQn%2B%2BhMs2z9zCTbYOzXKNGQGJi6jHNSQuoaiNbi5DyWOCMAFbq8hSx%2FeNrakm6cqnaoTcuHp31DlhFz4%2FQVk6aMbWg0b94z2hTKZwzCpoIY1VL9G7g9RbJ2DKg%2FBi8%2BhxK9k4ekqsnR3zWkDJarZ8ErVUEkNLUegLoCfPhXAJwF8HiAVx41F3oljEXcFlZy3WBLFSSfpLFEeJjxsL7Xg%2BdTeCEU%2BAtcjcLuN3G5jQ41g%2FU9w6xWcCOCKCQne3cZAVCglQekISkpQKoKyICgH1Z7QruWqh0I7z6Kz3DrL7Wpsiv4O3TNFX2ZkJz8hz033Elx%2B9hdsyOMGj9uh7EWCL7KoLYRIEsaTVivudTs9Fos2nKqg3LnZqFtqQl7%2B6AfkakKeufQ9GD2E04fg6jyofwW0HC%2B2QtD1cScOsZU9dnxdCq%2BlS4wpGNW6ybTpu9wUTW5SCFMhLy6g2Ax29Al5aXaxq5%2BuQ%2FIn5CzAbYXcVvhE%2FUzQ1w%2FGd01Jdu%2Ba0pHv1vJCpWqLTq95r6CFvPj1O3KzNFas3HSjr67zqTCFB%2B9JV6zSTKis78g3N5QQ0i4byyX5ccV9INkd79ZveJv5fPXOm8sraW6lc8pkNag6%2BqwHribk4vW92T998Q8GZWtYXyH1c6fK1OD5Nlw%2BrzlDYPWcszxA6auxbbF5USsCLeecsgruP5zN8Y57gL4NQIv7yNIKA1thoCtQPYLz58dFbp%2B88Vt7FmA6GDNtg12mrf7ydLVOHTc4DyWN2GIkpZDdNuedHo9ZL2l3FmXcFV0UbiKvXL31DwAAAP%2F%2FAQAA%2F%2F%2Bewlm4dAQAAA%3D%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectgentlynudegranny.com
Fingerprint43:68:15:F3:32:79:D8:09:45:48:6E:C3:D5:AE:D9:75:DB:DD:C0:0A
ValidityWed, 27 Sep 2023 00:33:49 GMT - Tue, 26 Dec 2023 00:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRS%2Br60F25WiCwVhlpbK5L35lRe7kNYaCaZNbRXFjdxfb3LNfe8%2B7n133iS6CBaky%2FE%2FePkmaVBDUbdikRd3FSHjKgsjCP4FQtcyk%2BDogcv5vvOdxXfOuV%2Fs%2BBMSwtPj5VtmS2lNF7rNsPHqh1F0rbGqMj9sDOPex73OtYYdvB6FS83wSuNtyTfMQiuMwjAKo8aysjIxw4UoipohVH6wFDWXwman1Yy6HQzt%2F7nzARwNIAYn5HkoMbl08KgDxWtk6bc3pdsoTP7aW6nXtDAWA7H%2FfraRmTJDOoeJDZBk%2B2fdMO5o%2BTFMtjczDDP4t5GpCQn%2B%2BhMs2z9zCTbYOzXKNGQGJi6jHNSQuoaiNbi5DyWOCMAFbq8hSx%2FeNrakm6cqnaoTcuHp31DlhFz4%2FQVk6aMbWg0b94z2hTKZwzCpoIY1VL9G7g9RbJ2DKg%2FBi8%2BhxK9k4ekqsnR3zWkDJarZ8ErVUEkNLUegLoCfPhXAJwF8HiAVx41F3oljEXcFlZy3WBLFSSfpLFEeJjxsL7Xg%2BdTeCEU%2BAtcjcLuN3G5jQ41g%2FU9w6xWcCOCKCQne3cZAVCglQekISkpQKoKyICgH1Z7QruWqh0I7z6Kz3DrL7Wpsiv4O3TNFX2ZkJz8hz033Elx%2B9hdsyOMGj9uh7EWCL7KoLYRIEsaTVivudTs9Fos2nKqg3LnZqFtqQl7%2B6AfkakKeufQ9GD2E04fg6jyofwW0HC%2B2QtD1cScOsZU9dnxdCq%2BlS4wpGNW6ybTpu9wUTW5SCFMhLy6g2Ax29Al5aXaxq5%2BuQ%2FIn5CzAbYXcVvhE%2FUzQ1w%2FGd01Jdu%2Ba0pHv1vJCpWqLTq95r6CFvPj1O3KzNFas3HSjr67zqTCFB%2B9JV6zSTKis78g3N5QQ0i4byyX5ccV9INkd79ZveJv5fPXOm8sraW6lc8pkNag6%2BqwHribk4vW92T998Q8GZWtYXyH1c6fK1OD5Nlw%2BrzlDYPWcszxA6auxbbF5USsCLeecsgruP5zN8Y57gL4NQIv7yNIKA1thoCtQPYLz58dFbp%2B88Vt7FmA6GDNtg12mrf7ydLVOHTc4DyWN2GIkpZDdNuedHo9ZL2l3FmXcFV0UbiKvXL31DwAAAP%2F%2FAQAA%2F%2F%2Bewlm4dAQAAA%3D%3D HTTP/1.1
Host: gentlynudegranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17500620; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4b7a2b4246e0c73457b2b2a41ba714b
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
ASCII text, with very long lines (7013), with no line terminators
Size
6.8 kB (6824 bytes)
Hash
49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 13 Oct 2023 11:34:37 GMT
date: Fri, 13 Oct 2023 11:34:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

gentlynudegranny.com/pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fjs%2Fscript.js&l=463&fd=377

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
gentlynudegranny.com/pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fjs%2Fscript.js&l=463&fd=377
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectgentlynudegranny.com
Fingerprint43:68:15:F3:32:79:D8:09:45:48:6E:C3:D5:AE:D9:75:DB:DD:C0:0A
ValidityWed, 27 Sep 2023 00:33:49 GMT - Tue, 26 Dec 2023 00:33:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=23.39.7917&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fvpn%2Fdefault%2Fus%2Fyan-center%2Fwhite-icon%2F1%2Fjs%2Fscript.js&l=463&fd=377 HTTP/1.1
Host: gentlynudegranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17500620; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 13 Oct 2023 11:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

juanitazrora.pages.dev/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.30.6

188.114.96.1

200 OK

515 B

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.30.6
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (515), with no line terminators
Size
515 B (515 bytes)
Hash
94143f6469e0e4c4f63cd8ba4153f935
e816353d739166018f8043786e0a695b3da881c1
2a961da4c33a1489e786bc080d8181278cd8711262e2203bf386e7c57728b33f

HTTP Headers

GET /wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.30.6 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9f7e92f5d7086682428323431a135ee4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuPQYo3us2xdgdfslyvod6rbBU5gck5iEOvUGNqhr%2BPFO%2FOSLW2l2q3lZZiEDOH%2FFAfTNjOODxKFOyRnwCv3BdqaQP9cUt3F1fS13xrDPCvZbe1EznUrztKOOM8OStyiBLKHrnTan4ql"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746341bd756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1

188.114.96.1

200 OK

26 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (25929)
Size
26 kB (26148 bytes)
Hash
f57fd9be4df163ac76e8fcaf50e4e218
f75a7099889b5261571f12ca4ca430835033aed0
ff8651f861b64aee1b3cb44a2cc7ebed9acbeb924d6e3019938ef2af7c7a15a2

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/v4-shims.min.js?ver=6.1.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"fdfd60c8f073943224fd6ffe07da74ff"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ptdj86ehTJOuZsMTO4RIBgC%2BmlQukqjBwkM3wAbl%2FDNjk5LtvAYZXJZqTLJl268Ib4XFMmQpT%2BqgM0mM%2F4FJKPj9QjYU%2BNjTBN4pLYpEGZbZsVYDq8MLbAibFMTyk61cm0bBmsVj%2F86W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634dcd556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

friendshipmale.com/sfp.js

104.21.234.32

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:36 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ed8f50416a3b16679b6520abda8f600a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 13 Oct 2023 11:34:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSREaY%2FJyoz%2Bm5tCk4Be0WX69PiolRLWoFk01C%2FRJ7XHE4zm%2BRRdUSlWftafOG4V0aak3RNhcMtgaBDDCqOwOQ%2FPODEL3R%2BmRbWNlDCS%2FdYbNKeFkeTb9Wq0MLL6Dyl7MwG8tDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8157463e88ce24db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/index.html

45.133.44.3

200 OK

1.8 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/index.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintCB:0F:87:85:B0:83:8B:5C:86:E5:81:91:9D:F5:ED:C4:A2:B6:B1:BE
ValidityTue, 12 Sep 2023 01:01:21 GMT - Mon, 11 Dec 2023 01:01:20 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1865), with no line terminators
Size
1.8 kB (1766 bytes)
Hash
1697c66ab9ec7eeb1f85076f18aad67d
77bc672ae060dea6e7c5afb8dab6db26d47f7bb5
0df11f25b8c90555e918b307b4201c1a26744ec59a8385daa0e2c8a45377178f

HTTP Headers

GET /sb/notifications/vpn/default/us/yan-center/white-icon/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 11 Jun 2021 13:55:05 GMT
etag: W/"60c36b39-6e6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 13 Oct 2023 12:34:37 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-chic/style.css?ver=1.1.1

188.114.96.1

200 OK

28 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-chic/style.css?ver=1.1.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (1424)
Size
28 kB (27811 bytes)
Hash
ff5d2b7be5f735a0618b1e9f01d5b95e
63d58323c0c874e50c411b07f7a074a17142d39c
4bd1b738394e19f7cd204429bade789a1b0d3b9ae7c48a6cfd191d25226153a1

HTTP Headers

GET /wp-content/themes/blossom-chic/style.css?ver=1.1.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3529d7efda6a586c405d0dc5c1433967"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnTLrmZJM0se0pmgGfEoATh3SLfVRrr%2BR%2FAglfvDVKzIHzs9Il9PvbLcS3kiWRy0IqqmuA9u50C3FHgImyaNFhu1htRErJKVISFZZ2zETrTPjQPn5DmYmj7Xe%2Bn25XpztjPniaPjLuTj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746341bce56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1

188.114.96.1

200 OK

43 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (32000)
Size
43 kB (42766 bytes)
Hash
b7b9c97cd68ec336d01a79d5be48c58d
1a99890b57c9859a622337ed0b2f989d6e30cc0e
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/owl.carousel.min.js?ver=2.2.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9f5d8f3e787685ffd7d06f04087152f7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FYYuz8YIHm6a5fAdk8UlvjldR6a1NHfRfzv0bVKt%2Bdp9b%2BkSXg%2BpJA%2FlWnXUUXKStxYolH%2Fs7rIhqv0f%2FOOFFTcHcPbBG2pl8dJV15AiOIOydhPnJrAjTq%2FBbP%2BVwCs59S59XFJW8DD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634dcd756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/img/close.svg

172.64.102.10

200 OK

1.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/img/close.svg
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT

File type
SVG Scalable Vector Graphics image\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1374), with no line terminators
Size
1.3 kB (1279 bytes)
Hash
5ff33e884803785a8002a2aa5fa03b0e
a04406f2592e23e648bee499477f823da0c48362
6ba65121162b5b03e75501501ddaa928f73be8d1fe81c032a4879561de63ff58

HTTP Headers

GET /sb/notifications/vpn/default/us/yan-center/white-icon/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: image/svg+xml
last-modified: Fri, 11 Jun 2021 13:55:06 GMT
etag: W/"60c36b3a-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 19690289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcljAUCi4nhjvhhdvDtysxE9%2FqcSDYJMQ2zc8NJV11N7pqrnDs9JdEnxgbmJDBTMUbx4eyH5x9GXJD0uVB4SM8WjgQqo8Z%2FS9K%2BPJmyI8vXxhg%2FMDo%2B688Of6YgP%2FDVsZ6AdDrMVj2X0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574646ebbe06cd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1

188.114.96.1

200 OK

1.7 MB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type

Size
1.7 MB (1726692 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/all.min.js?ver=6.1.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a385537f30a5ebca0b103b78c822a258"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03QqSUan%2BOU34X%2BUAFC3m4PIU%2B2dMSp1GqaRNv6D9LxMiNS2w%2B5SI8pGGp9NxvPwclDSi0WfxEM07MHQVANgAVxeD9wU3HWVMKKZu55XCUKRncYqM8d1xmqKbYsRyNk8o4R%2F%2Bq44TVkB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634dcd356ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/css/animate.min.css?ver=3.5.2

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/css/animate.min.css?ver=3.5.2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (16755)
Size
17 kB (16952 bytes)
Hash
7da1b41592f039eecd65d604482c10e1
e966ec2885d74306b80253ef057ea77546b2c149
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1

HTTP Headers

GET /wp-content/themes/blossom-feminine/css/animate.min.css?ver=3.5.2 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5db15e9a367cd0b8f31257d769b80ce6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGuf6txWYBOC%2BYPQnnoSO%2B1q65%2BLC3TzvndQANGje2zgFPjmoULz6HgyAjm4ihhNSknC1JAGUu6A8imdNaSJ5kR8RUuzyt1WBsQTGw0cJbbAY%2BJd2GCRQa09v%2FkOvkzKD98mCoK0rCc4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 815746341bc956ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2020/05/20200304_mac_952.jpg

192.0.77.2

400 Bad Request

0 B

URL GET HTTP/2
i2.wp.com/www.macalester.edu/news/wp-content/uploads/sites/5/2020/05/20200304_mac_952.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /www.macalester.edu/news/wp-content/uploads/sites/5/2020/05/20200304_mac_952.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
server: nginx
date: Fri, 13 Oct 2023 11:34:37 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 2
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/css/animate.css

172.64.102.10

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/vpn/default/us/yan-center/white-icon/1/css/animate.css
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT

File type
ASCII text
Size
79 kB (79245 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET /sb/notifications/vpn/default/us/yan-center/white-icon/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/
Origin: https://juanitazrora.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 11:34:38 GMT
content-type: text/css
last-modified: Fri, 11 Jun 2021 13:55:05 GMT
etag: W/"60c36b39-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aKFZmrp1LtfY%2FSpbao6rR5CYp4SDE54vkEFzd2zvU9LD91gWiK1QkAIdwK643va51yqB891ydrAWwef8S2cs1ZCxxdgs30OQUUKeYHXY%2B8XEH1ctJS3%2B%2Bchcga3ztmM%2FcDrkr5BAokE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574646dbad06cd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

juanitazrora.pages.dev/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.30.6

188.114.96.1

200 OK

307 B

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.30.6
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (307), with no line terminators
Size
307 B (307 bytes)
Hash
825acc65c7a3728f76a5b39cdc177e6f
b6b834d63a274dd4aa1c21fa9afe815a3087b190
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70

HTTP Headers

GET /wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.30.6 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"84593fa749868ee44311f8c00ec32a56"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFswoHUzklDp4TEIKWk2lj2%2FgnSwuRg40lbqgC%2Fza1Wyzh2edACPs8qSKJ%2BFRVk%2Fc1iD6CDpfxN%2FQO%2By1N6gZmJKzeubibpHfQmNEtmcyUeh3ewIWNkXWNeyV2vzZA82o8ZHHMus66BE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634bcb856ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.1

188.114.96.1

200 OK

2.9 kB

URL GET HTTP/3
juanitazrora.pages.dev/wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
Certificate
IssuerGoogle Trust Services LLC
Subjectjuanitazrora.pages.dev
Fingerprint4E:52:46:D2:D0:B1:50:BC:4C:7F:8B:AD:14:8B:67:9E:7F:71:9F:D1
ValidityThu, 28 Sep 2023 03:21:22 GMT - Wed, 27 Dec 2023 03:21:21 GMT

File type
ASCII text, with very long lines (3030), with no line terminators
Size
2.9 kB (2889 bytes)
Hash
5a63bca61d3ad6a9d2564e10072a4eb4
d81fcadf5e7df524923c3733e43c1650c4972506
7b7a84881fb65ca9f64a8187b3f016f338ecef8003be1432e6c7eeadaa77015b

HTTP Headers

GET /wp-content/themes/blossom-feminine/js/custom.min.js?ver=1.1.1 HTTP/1.1
Host: juanitazrora.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juanitazrora.pages.dev/jpuav-macalester-spring-2024-schedule-wicng/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 11:34:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c3b444c36910cc578c0e9da36058cf1d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxhCQQTbpSfMZsA8xHXueJymfYTvUU4uX6B02j6lDb6aWB%2FdSLBFm3dvFO984yhWuRUk9WJLIacEomaWsTw2wXg4Mn6Imp%2F8ZgBmPLRoBBzURaxUGN%2FMDyAb2f8vVDvesKl%2FXR6miPxp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81574634ecdf56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations