Overview

URLglennmarkdizon.com/
IP 198.187.29.109 (United States)
ASN#22612 NAMECHEAP-NET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-24 19:59:15 UTC
StatusLoading report..
IDS alerts0
Blocklist alert184
urlquery alerts No alerts detected
Tags None

Domain Summary (34)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
geolocation.onetrust.com (1) 802 2018-09-01 13:33:45 UTC 2022-11-24 08:15:03 UTC 104.18.27.85
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
fonts.gstatic.com (8) 0 2014-09-09 00:40:21 UTC 2022-11-24 11:09:52 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-24 11:10:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
cdn.pendo.io (1) 1165 2018-03-28 15:48:58 UTC 2020-04-25 03:47:27 UTC 54.230.111.15
assets.calendly.com (4) 15697 2018-10-07 04:01:58 UTC 2022-11-24 07:56:07 UTC 172.66.43.26
c.clarity.ms (1) 803 No data No data 20.234.93.27
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
cdn.segment.io (10) 18102 2014-05-08 15:44:06 UTC 2020-05-07 06:50:40 UTC 54.230.111.79
www.recaptcha.net (1) 2060 2017-06-22 10:23:09 UTC 2022-11-24 07:50:01 UTC 142.250.74.131
cdn.heapanalytics.com (1) 3660 2015-08-10 23:50:56 UTC 2020-04-21 07:27:23 UTC 54.230.111.52
glennmarkdizon.com (2) 0 2013-12-21 09:40:36 UTC 2022-11-19 19:37:54 UTC 198.187.29.109 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.213.75
cdn.cookielaw.org (5) 502 2014-05-20 23:23:17 UTC 2022-11-24 06:27:00 UTC 104.16.148.64
d3v0px0pttie1i.cloudfront.net (2) 0 2021-10-10 19:34:29 UTC 2022-11-24 09:05:18 UTC 143.204.42.220 Unknown ranking
b.clarity.ms (2) 3462 No data No data 20.75.32.255
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
js.stripe.com (3) 1149 2012-09-30 12:39:23 UTC 2020-04-23 12:33:58 UTC 143.204.55.68
www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2020-02-17 10:26:03 UTC 13.107.227.53
m.stripe.network (2) 1204 2018-06-23 22:39:58 UTC 2020-05-01 22:54:09 UTC 151.101.84.176
c.bing.com (1) 247 2012-05-22 10:26:32 UTC 2020-05-07 03:37:17 UTC 13.107.21.200
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
calendly.com (2) 6123 2018-01-28 14:45:19 UTC 2022-11-24 06:14:25 UTC 172.66.43.26
data.pendo.io (3) 1459 2022-07-07 19:43:46 UTC 2022-11-24 06:39:23 UTC 34.107.204.85
heapanalytics.com (1) 27367 2021-06-28 05:44:44 UTC 2022-11-24 06:54:50 UTC 54.159.51.104
m.stripe.com (1) 1092 2021-05-31 00:00:44 UTC 2022-11-24 06:20:50 UTC 52.39.215.30
js.appboycdn.com (1) 5270 2015-07-21 21:45:03 UTC 2022-11-24 06:33:57 UTC 104.17.218.31
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
www.glennmarkdizon.com (74) 0 No data No data 198.187.29.109 Unknown ranking
ocsp.pki.goog (13) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-24 11:11:51 UTC 142.250.74.10

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-24 2 glennmarkdizon.com/ Malware
2022-11-24 2 glennmarkdizon.com/ Malware
2022-11-24 2 www.glennmarkdizon.com/ Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-11.css?ver=166 (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=166 (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668 (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/themes/hello-theme-child-master/style.css (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-19.css?ver=166 (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/86mths0t/41kvu.js Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-fr (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-li (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2 (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmen (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runti (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend-modu (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.j (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 Malware
2022-11-24 2 www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend. (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements- (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/j (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/uploads/2022/08/bg.webp Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/uploads/2022/08/Industry-Bold.woff Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/nav-menu. (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated- (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2 (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carouse (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/eicons/fonts (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome (...) Malware
2022-11-24 2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel. (...) Malware

mnemonic secure dns
Scan Date Severity Indicator Comment
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed
2022-11-24 2 glennmarkdizon.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 198.187.29.109
Date UQ / IDS / BL URL IP
2022-11-24 19:59:15 +0000 0 - 0 - 184 glennmarkdizon.com/ 198.187.29.109
2022-11-19 19:37:52 +0000 0 - 0 - 5 glennmarkdizon.com/olup/index.php?e=qbot.zip 198.187.29.109
2022-11-16 21:51:24 +0000 0 - 0 - 8 glennmarkdizon.com/olup/index.php?qbot.zip 198.187.29.109
2022-11-06 19:08:20 +0000 0 - 0 - 5 glennmarkdizon.com/olup/index.php?e=qbot.zip 198.187.29.109


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-02-07 09:23:36 +0000 0 - 0 - 1 segzrecords.com/wp-content/plugins/press/azie (...) 66.29.141.227
2023-02-07 09:23:34 +0000 0 - 0 - 1 segzrecords.com/wp-content/plugins/press/azie (...) 66.29.141.227
2023-02-07 09:23:31 +0000 0 - 0 - 1 segzrecords.com/wp-content/plugins/press/azie (...) 66.29.141.227
2023-02-07 09:23:26 +0000 0 - 0 - 1 segzrecords.com/wp-content/plugins/press/azie (...) 66.29.141.227
2023-02-07 09:23:23 +0000 0 - 0 - 1 segzrecords.com/wp-content/plugins/press/azie (...) 66.29.141.227


Last 4 reports on domain: glennmarkdizon.com
Date UQ / IDS / BL URL IP
2022-11-24 19:59:15 +0000 0 - 0 - 184 glennmarkdizon.com/ 198.187.29.109
2022-11-19 19:37:52 +0000 0 - 0 - 5 glennmarkdizon.com/olup/index.php?e=qbot.zip 198.187.29.109
2022-11-16 21:51:24 +0000 0 - 0 - 8 glennmarkdizon.com/olup/index.php?qbot.zip 198.187.29.109
2022-11-06 19:08:20 +0000 0 - 0 - 5 glennmarkdizon.com/olup/index.php?e=qbot.zip 198.187.29.109


No other reports with similar screenshot

JavaScript

Executed Scripts (56)

Executed Evals (5)
#1 JavaScript::Eval (size: 22) - SHA256: c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93
0,
function(R) {
    HW(R, 1)
}
#2 JavaScript::Eval (size: 22) - SHA256: d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77
0,
function(R) {
    HW(R, 2)
}
#3 JavaScript::Eval (size: 15568) - SHA256: ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var q = function(b, R) {
            if ((R = (b = K.trustedTypes, null), !b) || !b.createPolicy) return R;
            try {
                R = b.createPolicy("bg", {
                    createHTML: O,
                    createScript: O,
                    createScriptURL: O
                })
            } catch (I) {
                K.console && K.console.error(I.message)
            }
            return R
        },
        K = this || self,
        O = function(b) {
            return b
        };
    (0, eval)(function(b, R) {
        return (R = q()) && 1 === b.eval(R.createScript("1")) ? function(I) {
            return R.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(K)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var z=this||self,bo=function(b,I,K,O){(K=P((O=P(b),b)),x)(K,b,v(I,Z(O,b)))},R8=function(b,I,K){if("object"==(I=typeof b,I))if(b){if(b instanceof Array)return"array";if(b instanceof Object)return I;if("[object Window]"==(K=Object.prototype.toString.call(b),K))return"object";if("[object Array]"==K||"number"==typeof b.length&&"undefined"!=typeof b.splice&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("splice"))return"array";if("[object Function]"==K||"undefined"!=typeof b.call&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==I&&"undefined"==typeof b.call)return"object";return I},Z=function(b,I){if(void 0===(I=I.K[b],I))throw[D,30,b];if(I.value)return I.create();return I.create(1*b*b+-48*b+-64),I.prototype},f=function(b,I){I.s=((I.s?I.s+"~":"E:")+b.message+":"+b.stack).slice(0,2048)},I8=function(b,I){(I.push(b[0]<<24|b[1]<<16|b[2]<<8|b[3]),I.push(b[4]<<24|b[5]<<16|b[6]<<8|b[7]),I).push(b[8]<<24|b[9]<<16|b[10]<<8|b[11])},O1=function(b,I,K,O){function y(){}return{invoke:(O=K2(b,(K=void 0,function(R){y&&(I&&J(I),K=R,y(),y=void 0)}),!!I)[0],function(R,w,q,N){function u(){K(function(M){J(function(){R(M)})},q)}if(!w)return w=O(q),R&&R(w),w;K?u():(N=y,y=function(){(N(),J)(u)})})}},yj=function(b,I,K,O){return Z(356,(k(319,(wl(b,(O=Z(319,b),b.H&&O<b.j?(k(319,b,b.j),qO(b,K)):k(319,b,K),I)),b),O),b))},A=function(b,I,K,O,y,R,w,q,N){if(O.L+=((w=(y=(N=(R=(q=(K||O.i++,0<O.P&&O.I)&&O.KI&&1>=O.v&&!O.C&&!O.g&&(!K||1<O.Z-b)&&0==document.hidden,4==O.i))||q?O.D():O.F,N-O.F),y>>14),O.V)&&(O.V^=w*(y<<2)),O.A=w||O.A,w),R||q)O.F=N,O.i=0;if(!q||N-O.X<O.P-(I?255:K?5:2))return false;return(k((I=Z((O.Z=b,K?351:319),O),319),O,O.j),O.R).push([zJ,I,K?b+1:b]),O.g=J,true},io=function(b,I){return I[b]<<24|I[(b|0)+1]<<16|I[(b|0)+2]<<8|I[(b|0)+3]},qO=function(b,I){k(319,((b.rt.push(b.K.slice()),b).K[319]=void 0,b),I)},V=function(b,I,K){I[k(K,b,I),uo]=2796},JW=function(b,I,K,O,y){for((b.pI=MO(b.h,((b.kG=(b.fI=b[E],o8),b).Q2=PW,{get:function(){return this.concat()}})),b).ju=p[b.h](b.pI,{value:{value:{}}}),y=[],O=0;128>O;O++)y[O]=String.fromCharCode(O);C(true,true,(l(((l([(V(b,(V(b,function(R,w){(w=Z(P(R),R),qO)(R.A,w)},(V(b,function(R,w,q,N){k((w=g((N=P(R),R)),q=P(R),q),R,Z(N,R)>>>w)},(k(97,(V((V(b,(k(230,b,(V(b,(b.uf=(k((k(162,b,(V(b,function(R,w,q,N){(N=Z((w=(q=(w=P(R),N=P(R),P(R)),Z)(w,R),N),R),k)(q,R,+(w==N))},(V(b,(V((V(b,(V(b,(V(b,(V(b,function(R){bo(R,1)},(k(17,((V(b,(b.HZ=(V(b,function(R,w){R=(w=P(R),Z(w,R.A)),R[0].removeEventListener(R[1],R[2],c)},(k(507,b,(V(b,function(R,w,q,N,u,M,H){for(u=(q=Z(92,(w=(H=mj((N=P(R),R)),""),R)),q.length),M=0;H--;)M=((M|0)+(mj(R)|0))%u,w+=y[q[M]];k(N,R,w)},((V(b,((V((k((k(366,(k(356,b,(V(b,(V(b,(V(b,(V((k(182,(k(305,(k((b.Su=(V(b,(V(b,function(R,w,q){A(w,false,true,R)||(w=P(R),q=P(R),k(q,R,function(N){return eval(N)}(xP(Z(w,R.A)))))},(V(b,function(R){HW(R,4)},(k((b.s=(b.DP=(b.L=1,b.G=void 0,b.rt=[],b.KI=false,(b.W=void 0,b.Y=0,b.X=(b.o=(b.A=b,[]),b.l=(b.v=0,O=(b.g=null,b.j=0,(b.S=(b.N=false,void 0),b.wt=0,window).performance)||{},(b.P=0,b).I=!(b.Z=8001,1),b.H=[],[]),(b.i=void 0,b.U=25,b.C=void 0,b.R=[],(b.V=void 0,b).RQ=function(R){this.A=R},b).K=[],0),(b.F=0,O).timeOrigin||(O.timing||{}).navigationStart)||0),void 0),319),b,0),k(351,b,0),475)),168)),function(R,w,q){0!=(q=Z((w=P(R),q=P(R),q),R),Z(w,R))&&k(319,R,q)}),342),0),253),b,[]),b),b),b),0),b),function(R){bo(R,4)},267),function(R,w,q,N,u){(q=(u=Z((w=Z((u=P((q=(N=(w=P(R),P)(R),P)(R),R)),w),R.A),u),R),N=Z(N,R),Z)(q,R),0)!==w&&(q=vW(1,R,u,q,w,N),w.addEventListener(N,q,c),k(182,R,[w,N,q]))}),261),function(R,w,q,N,u){(w=(q=P((N=(u=P(R),P)(R),R)),P(R)),q=Z(q,R),w=Z(w,R),N=Z(N,R),k)(u,R,vW(w,R,q,N))}),222),function(R,w,q,N){(w=P((N=(q=P(R),P)(R),R)),k)(w,R,Z(q,R)||Z(N,R))}),381),{})),b),0),270),b,z),b),function(R){Zb(R,3)},395),V)(b,function(R,w,q){k((q=Z((w=P((q=P(R),R)),q),R),q=R8(q),w),R,q)},405),function(R,w,q,N){!A(w,false,true,R)&&(w=rl(R),q=w.J,N=w.AN,R.A==R||q==R.RQ&&N==R)&&(k(w.aQ,R,q.apply(N,w.O)),R.F=R.D())}),234),V)(b,function(R){Zb(R,4)},203),335)),[160,0,0])),206)),0),function(){}),503),V)(b,function(R,w,q,N,u,M,H,r,m,L,X,G){function Q(n,h){for(;q<n;)G|=g(R)<<q,q+=8;return h=G&(1<<n)-1,q-=n,G>>=n,h}for(X=(L=(q=G=(M=P(R),0),(Q(3)|0)+1),u=Q(5),N=0),m=[];N<u;N++)H=Q(1),m.push(H),X+=H?0:1;for(X=(w=(N=((X|0)-1).toString(2).length,[]),0);X<u;X++)m[X]||(w[X]=Q(N));for(N=0;N<u;N++)m[N]&&(w[N]=P(R));for(r=[];L--;)r.push(Z(P(R),R));V(R,function(n,h,Y,NO,t){for(h=(NO=[],0),Y=[];h<u;h++){if(t=w[h],!m[h]){for(;t>=Y.length;)Y.push(P(n));t=Y[t]}NO.push(t)}n.S=Db(n,(n.C=Db(n,r.slice()),NO))},M)},94),b),[]),367)),function(R,w,q,N){(N=Z((q=Z((w=(q=P(R),P)(R),q),R),w),R),k)(w,R,N+q)}),58),function(R,w,q,N,u,M){if(!A(w,true,true,R)){if("object"==R8((R=Z((M=(w=(M=(q=(w=(N=P(R),P)(R),P(R)),P(R)),Z)(w,R),Z)(M,R),q=Z(q,R),N),R),R))){for(u in N=[],R)N.push(u);R=N}for(N=(u=(q=0<q?q:1,0),R).length;u<N;u+=q)w(R.slice(u,(u|0)+(q|0)),M)}}),341),function(R,w,q,N){if(w=R.rt.pop()){for(q=g(R);0<q;q--)N=P(R),w[N]=R.K[N];R.K=(w[253]=R.K[253],w[97]=R.K[97],w)}else k(319,R,R.j)}),327),b),function(R,w,q){w=P(R),q=P(R),k(q,R,""+Z(w,R))},455),function(R,w,q,N,u){for(q=(u=P(R),w=mj(R),N=[],0);q<w;q++)N.push(g(R));k(u,R,N)}),34),117)),T)(4)),205),b,524),0),function(R,w,q,N){N=(w=P((q=(N=P(R),P(R)),R)),Z(N,R)),q=Z(q,R),k(w,R,N in q|0)}),79),[0,0,0])),function(R,w,q,N,u){(q=(u=(N=P(R),P(R)),P)(R),R).A==R&&(q=Z(q,R),w=Z(N,R),u=Z(u,R),w[u]=q,377==N&&(R.G=void 0,2==u&&(R.V=B(32,R,false),R.G=void 0)))}),474),b),function(R,w,q,N,u,M){A(w,false,true,R)||(N=rl(R.A),w=N.AN,M=N.O,q=N.J,u=M.length,N=N.aQ,w=0==u?new w[q]:1==u?new w[q](M[0]):2==u?new w[q](M[0],M[1]):3==u?new w[q](M[0],M[1],M[2]):4==u?new w[q](M[0],M[1],M[2],M[3]):2(),k(N,R,w))},317),b),2048),89)),473)),function(R,w,q,N){k((N=(q=Z((w=P((N=(q=P(R),P(R)),R)),q),R),Z(N,R)),w),R,q[N])}),380),uo)],b),l)([S,I],b),[f2,K]),b),b))},l=function(b,I){I.R.splice(0,0,b)},XO=function(b,I,K,O){try{O=b[((I|0)+2)%3],b[I]=(b[I]|0)-(b[((I|0)+1)%3]|0)-(O|0)^(1==I?O<<K:O>>>K)}catch(y){throw y;}},n2=function(b,I,K){if(3==b.length){for(K=0;3>K;K++)I[K]+=b[K];for(b=[13,8,13,12,16,5,3,10,15],K=0;9>K;K++)I[3](I,K%3,b[K])}},GJ=function(b,I,K,O,y){for(y=(K=K[3]|(O=K[2]|0,0),0);14>y;y++)I=I>>>8|I<<24,I+=b|0,K=K>>>8|K<<24,b=b<<3|b>>>29,I^=O+2298,K+=O|0,K^=y+2298,b^=I,O=O<<3|O>>>29,O^=K;return[b>>>24&255,b>>>16&255,b>>>8&255,b>>>0&255,I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255]},v=function(b,I,K,O){for(K=(b|0)-1,O=[];0<=K;K--)O[(b|0)-1-(K|0)]=I>>8*K&255;return O},wl=function(b,I,K,O,y,R){if(!b.s){b.v++;try{for(R=(y=(K=b.j,void 0),0);--I;)try{if((O=void 0,b).C)y=hW(b,b.C);else{if(R=Z(319,b),R>=K)break;O=P((k(351,b,R),b)),y=Z(O,b)}A((y&&y[$P]&2048?y(b,I):e([D,21,O],b,0),I),false,false,b)}catch(w){Z(205,b)?e(w,b,22):k(205,b,w)}if(!I){if(b.CI){b.v--,wl(b,216630971487);return}e([D,33],b,0)}}catch(w){try{e(w,b,22)}catch(q){f(q,b)}}b.v--}},rl=function(b,I,K,O,y,R){for(R=(K=((O=(I=b[kP]||{},P(b)),I.aQ=P(b),I).O=[],b.A==b?(g(b)|0)-1:1),P(b)),y=0;y<K;y++)I.O.push(P(b));for(;K--;)I.O[K]=Z(I.O[K],b);return(I.J=Z(O,b),I).AN=Z(R,b),I},vW=function(b,I,K,O,y,R){function w(){if(I.A==I){if(I.K){var q=[F,O,K,void 0,y,R,arguments];if(2==b)var N=C(false,false,(l(q,I),I));else if(1==b){var u=!I.R.length;(l(q,I),u)&&C(false,false,I)}else N=AW(I,q);return N}y&&R&&y.removeEventListener(R,w,c)}}return w},E1=function(b,I,K,O,y,R,w,q){return O=[-9,-48,48,29,-71,-79,O,-95,27,81],R=Vj,q=b&7,y=p[K.h](K.pI),y[K.h]=function(N){q+=(w=N,6+7*b),q&=7},y.concat=function(N){return(w=(N=(N=-46*I*I*w- -2208*I*w+(N=I%16+1,1*I*I*N)+q+46*w*w+O[q+27&7]*I*N- -2944*w+(R()|0)*N-N*w,O)[N],void 0),O[(q+21&7)+(b&2)]=N,O)[q+(b&2)]=-48,N},y},C=function(b,I,K,O,y,R){if(K.R.length){K.I=(K.KI=(K.I&&0(),b),true);try{y=K.D(),K.F=y,K.X=y,K.i=0,O=p2(b,K),R=K.D()-K.X,K.Y+=R,R<(I?0:10)||0>=K.U--||(R=Math.floor(R),K.o.push(254>=R?R:254))}finally{K.I=false}return O}},J=z.requestIdleCallback?function(b){requestIdleCallback(function(){b()},{timeout:4})}:z.setImmediate?function(b){setImmediate(b)}:function(b){setTimeout(b,0)},e=function(b,I,K,O,y,R){if(!I.N){if((b=(K=(0==(R=Z(253,((O=void 0,b)&&b[0]===D&&(O=b[2],K=b[1],b=void 0),I)),R).length&&(y=Z(351,I)>>3,R.push(K,y>>8&255,y&255),void 0!=O&&R.push(O&255)),""),b&&(b.message&&(K+=b.message),b.stack&&(K+=":"+b.stack)),Z)(97,I),3)<b){I.A=(K=(b-=(K=K.slice(0,(b|0)-3),(K.length|0)+3),Qj)(K),O=I.A,I);try{x(162,I,v(2,K.length).concat(K),9)}finally{I.A=O}}k(97,I,b)}},HW=function(b,I,K,O){for(K=(O=P(b),0);0<I;I--)K=K<<8|g(b);k(O,b,K)},FO=function(b,I){return I(function(K){K(b)}),[function(){return b}]},cW=function(b,I,K){return I.B(function(O){K=O},false,b),K},x=function(b,I,K,O,y,R){if(I.A==I)for(R=Z(b,I),162==b?(b=function(w,q,N,u){if((u=(q=R.length,(q|0)-4>>3),R.hN)!=u){u=(u<<(N=[0,0,y[R.hN=u,1],y[2]],3))-4;try{R.bf=GJ(io(u,R),io((u|0)+4,R),N)}catch(M){throw M;}}R.push(R.bf[q&7]^w)},y=Z(230,I)):b=function(w){R.push(w)},O&&b(O&255),I=K.length,O=0;O<I;O++)b(K[O])},TJ=function(b,I){if((I=(b=null,z).trustedTypes,!I)||!I.createPolicy)return b;try{b=I.createPolicy("bg",{createHTML:gl,createScript:gl,createScriptURL:gl})}catch(K){z.console&&z.console.error(K.message)}return b},p2=function(b,I,K,O){for(;I.R.length;){K=(I.g=null,I).R.pop();try{O=AW(I,K)}catch(y){f(y,I)}if(b&&I.g){b=I.g,b(function(){C(true,true,I)});break}}return O},AW=function(b,I,K,O,y){if(O=I[0],O==W)b.U=25,b.u(I);else if(O==E){K=I[1];try{y=b.s||b.u(I)}catch(R){f(R,b),y=b.s}K(y)}else if(O==zJ)b.u(I);else if(O==S)b.u(I);else if(O==f2){try{for(y=0;y<b.l.length;y++)try{K=b.l[y],K[0][K[1]](K[2])}catch(R){}}catch(R){}(0,I[b.l=[],1])(function(R,w){b.B(R,true,w)},function(R){l([$P],(R=!b.R.length,b)),R&&C(true,false,b)})}else{if(O==F)return y=I[2],k(332,b,I[6]),k(356,b,y),b.u(I);O==$P?(b.H=[],b.K=null,b.o=[]):O==uo&&"loading"===z.document.readyState&&(b.g=function(R,w){function q(){w||(w=true,R())}z.document.addEventListener("DOMContentLoaded",q,(w=false,c)),z.addEventListener("load",q,c)})}},MO=function(b,I){return p[b](p.prototype,{pop:I,call:I,splice:I,document:I,replace:I,prototype:I,length:I,propertyIsEnumerable:I,floor:I,console:I,parent:I,stack:I})},Db=function(b,I,K){return K=p[b.h](b.ju),K[b.h]=function(){return I},K.concat=function(O){I=O},K},a,Zb=function(b,I,K,O,y){(((y=(K=P((I&=(O=I&3,4),y=P(b),b)),Z)(y,b),I)&&(y=Qj(""+y)),O)&&x(K,b,v(2,y.length)),x)(K,b,y)},B=function(b,I,K,O,y,R,w,q,N,u,M,H,r,m){if((r=Z(319,I),r)>=I.j)throw[D,31];for(w=r,u=(H=I.fI.length,b),q=0;0<u;)M=w%8,R=8-(M|0),N=w>>3,R=R<u?R:u,O=I.H[N],K&&(y=I,y.G!=w>>6&&(y.G=w>>6,m=Z(377,y),y.W=GJ(y.V,y.G,[0,0,m[1],m[2]])),O^=I.W[N&H]),q|=(O>>8-(M|0)-(R|0)&(1<<R)-1)<<(u|0)-(R|0),w+=R,u-=R;return k(319,I,(K=q,(r|0)+(b|0))),K},P=function(b,I){if(b.C)return hW(b,b.S);return(I=B(8,b,true),I)&128&&(I^=128,b=B(2,b,true),I=(I<<2)+(b|0)),I},d,k=function(b,I,K){if(319==b||351==b)I.K[b]?I.K[b].concat(K):I.K[b]=Db(I,K);else{if(I.N&&377!=b)return;507==b||162==b||17==b||253==b||230==b?I.K[b]||(I.K[b]=E1(54,b,I,K)):I.K[b]=E1(137,b,I,K)}377==b&&(I.V=B(32,I,false),I.G=void 0)},Qj=function(b,I,K,O,y){for(y=(I=K=(b=b.replace(/\\r\\n/g,"\\n"),0),[]);I<b.length;I++)O=b.charCodeAt(I),128>O?y[K++]=O:(2048>O?y[K++]=O>>6|192:(55296==(O&64512)&&I+1<b.length&&56320==(b.charCodeAt(I+1)&64512)?(O=65536+((O&1023)<<10)+(b.charCodeAt(++I)&1023),y[K++]=O>>18|240,y[K++]=O>>12&63|128):y[K++]=O>>12|224,y[K++]=O>>6&63|128),y[K++]=O&63|128);return y},g=function(b){return b.C?hW(b,b.S):B(8,b,true)},T=function(b,I){for(I=[];b--;)I.push(255*Math.random()|0);return I},mj=function(b,I){return(I=g(b),I)&128&&(I=I&127|g(b)<<7),I},K2=function(b,I,K,O){return(O=d[b.substring(0,3)+"_"])?O(b.substring(3),I,K):FO(b,I)},c={passive:true,capture:true},gl=function(b){return b},U=function(b,I,K){K=this;try{JW(this,b,I)}catch(O){f(O,this),I(function(y){y(K.s)})}},hW=function(b,I){return(I=I.create().shift(),b.C.create().length||b.S.create().length)||(b.C=void 0,b.S=void 0),I},kP=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),zJ=[],f2=[],$P=((U.prototype.FY=void 0,U).prototype.T="toString",U.prototype.CI=false,[]),W=(U.prototype.eu=void 0,[]),E=[],S=[],uo=[],D={},F=[],p=(((I8,T,XO,function(){})(n2),U.prototype).h="create",D.constructor),Vj=((a=U.prototype,a.nI=function(b,I,K,O,y,R){for(R=[],K=O=0;K<b.length;K++)for(O+=I,y=y<<I|b[K];7<O;)O-=8,R.push(y>>O&255);return R},a).GP=function(b,I,K){return b^((I=(I^=I<<13,I^=I>>17,(I^I<<5)&K))||(I=1),I)},void 0),PW=(((a.D=(a.B=(a.Mm=function(){return Math.floor(this.Y+(this.D()-this.X))},a.dt=function(){return Math.floor(this.D())},a.Oj=function(b,I,K,O,y){for(y=O=0;y<b.length;y++)O+=b.charCodeAt(y),O+=O<<10,O^=O>>6;return O=(b=(O+=O<<3,O^=O>>11,O)+(O<<15)>>>0,new Number(b&(1<<I)-1)),O[0]=(b>>>I)%K,O},function(b,I,K,O,y){if(K="array"===R8(K)?K:[K],this.s)b(this.s);else try{y=[],O=!this.R.length,l([W,y,K],this),l([E,b,y],this),I&&!O||C(I,true,this)}catch(R){f(R,this),b(this.s)}}),(window.performance||{}).now?function(){return this.DP+window.performance.now()}:function(){return+new Date}),U.prototype.u=function(b,I){return Vj=(I=(b={},{}),function(){return I==b?-64:-17}),function(K,O,y,R,w,q,N,u,M,H,r,m,L,X,G){I=(u=I,b);try{if(y=K[0],y==S){L=K[1];try{for(M=H=(R=(q=atob(L),[]),0);H<q.length;H++)O=q.charCodeAt(H),255<O&&(R[M++]=O&255,O>>=8),R[M++]=O;this.H=R,this.j=this.H.length<<3,k(377,this,[0,0,0])}catch(Q){e(Q,this,17);return}wl(this,8001)}else if(y==W)K[1].push(Z(97,this),Z(162,this).length,Z(17,this).length,Z(507,this).length),k(356,this,K[2]),this.K[376]&&yj(this,8001,Z(376,this));else{if(y==E){(X=(G=v(2,((H=K[2],Z(507,this)).length|0)+2),this).A,this).A=this;try{w=Z(253,this),0<w.length&&x(507,this,v(2,w.length).concat(w),10),x(507,this,v(1,this.L),109),x(507,this,v(1,this[E].length)),q=0,N=Z(162,this),q+=Z(366,this)&2047,q-=(Z(507,this).length|0)+5,4<N.length&&(q-=(N.length|0)+3),0<q&&x(507,this,v(2,q).concat(T(q)),15),4<N.length&&x(507,this,v(2,N.length).concat(N),156)}finally{this.A=X}if(r=((M=T(2).concat(Z(507,this)),M)[1]=M[0]^6,M[3]=M[1]^G[0],M[4]=M[1]^G[1],this).sj(M))r="!"+r;else for(q=0,r="";q<M.length;q++)m=M[q][this.T](16),1==m.length&&(m="0"+m),r+=m;return Z(507,(Z(((k(97,(R=r,this),H.shift()),Z)(162,this).length=H.shift(),17),this).length=H.shift(),this)).length=H.shift(),R}if(y==zJ)yj(this,K[2],K[1]);else if(y==F)return yj(this,8001,K[1])}}finally{I=u}}}(),U.prototype).V2=0,U.prototype).sj=function(b,I,K,O){if(I=window.btoa){for(O=(K=0,"");K<b.length;K+=8192)O+=String.fromCharCode.apply(null,b.slice(K,K+8192));b=I(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else b=void 0;return b},U.prototype.XY=0,/./),o8,BW=S.pop.bind((U.prototype[f2]=[0,0,1,1,0,1,1],U.prototype[W])),xP=(o8=MO(U.prototype.h,(PW[U.prototype.T]=BW,{get:BW})),U.prototype.gt=void 0,function(b,I){return(I=TJ())&&1===b.eval(I.createScript("1"))?function(K){return I.createScript(K)}:function(K){return""+K}}(z));(40<(d=z.botguard||(z.botguard={}),d.m)||(d.m=41,d.bg=O1,d.a=K2),d).LDL_=function(b,I,K){return[(K=new U(b,I),function(O){return cW(O,K)})]};}).call(this);'));
}).call(this);
#4 JavaScript::Eval (size: 21237) - SHA256: fa3ca93da3b5ef56bed8e3ac8f3273a58d3b1120bd267406f72b826788dc63db
(function() {
    var z = this || self,
        bo = function(b, I, K, O) {
            (K = P((O = P(b), b)), x)(K, b, v(I, Z(O, b)))
        },
        R8 = function(b, I, K) {
            if ("object" == (I = typeof b, I))
                if (b) {
                    if (b instanceof Array) return "array";
                    if (b instanceof Object) return I;
                    if ("[object Window]" == (K = Object.prototype.toString.call(b), K)) return "object";
                    if ("[object Array]" == K || "number" == typeof b.length && "undefined" != typeof b.splice && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == K || "undefined" != typeof b.call && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == I && "undefined" == typeof b.call) return "object";
            return I
        },
        Z = function(b, I) {
            if (void 0 === (I = I.K[b], I)) throw [D, 30, b];
            if (I.value) return I.create();
            return I.create(1 * b * b + -48 * b + -64), I.prototype
        },
        f = function(b, I) {
            I.s = ((I.s ? I.s + "~" : "E:") + b.message + ":" + b.stack).slice(0, 2048)
        },
        I8 = function(b, I) {
            (I.push(b[0] << 24 | b[1] << 16 | b[2] << 8 | b[3]), I.push(b[4] << 24 | b[5] << 16 | b[6] << 8 | b[7]), I).push(b[8] << 24 | b[9] << 16 | b[10] << 8 | b[11])
        },
        O1 = function(b, I, K, O) {
            function y() {}
            return {
                invoke: (O = K2(b, (K = void 0, function(R) {
                    y && (I && J(I), K = R, y(), y = void 0)
                }), !!I)[0], function(R, w, q, N) {
                    function u() {
                        K(function(M) {
                            J(function() {
                                R(M)
                            })
                        }, q)
                    }
                    if (!w) return w = O(q), R && R(w), w;
                    K ? u() : (N = y, y = function() {
                        (N(), J)(u)
                    })
                })
            }
        },
        yj = function(b, I, K, O) {
            return Z(356, (k(319, (wl(b, (O = Z(319, b), b.H && O < b.j ? (k(319, b, b.j), qO(b, K)) : k(319, b, K), I)), b), O), b))
        },
        A = function(b, I, K, O, y, R, w, q, N) {
            if (O.L += ((w = (y = (N = (R = (q = (K || O.i++, 0 < O.P && O.I) && O.KI && 1 >= O.v && !O.C && !O.g && (!K || 1 < O.Z - b) && 0 == document.hidden, 4 == O.i)) || q ? O.D() : O.F, N - O.F), y >> 14), O.V) && (O.V ^= w * (y << 2)), O.A = w || O.A, w), R || q) O.F = N, O.i = 0;
            if (!q || N - O.X < O.P - (I ? 255 : K ? 5 : 2)) return false;
            return (k((I = Z((O.Z = b, K ? 351 : 319), O), 319), O, O.j), O.R).push([zJ, I, K ? b + 1 : b]), O.g = J, true
        },
        io = function(b, I) {
            return I[b] << 24 | I[(b | 0) + 1] << 16 | I[(b | 0) + 2] << 8 | I[(b | 0) + 3]
        },
        qO = function(b, I) {
            k(319, ((b.rt.push(b.K.slice()), b).K[319] = void 0, b), I)
        },
        V = function(b, I, K) {
            I[k(K, b, I), uo] = 2796
        },
        JW = function(b, I, K, O, y) {
            for ((b.pI = MO(b.h, ((b.kG = (b.fI = b[E], o8), b).Q2 = PW, {get: function() {
                        return this.concat()
                    }
                })), b).ju = p[b.h](b.pI, {
                    value: {
                        value: {}
                    }
                }), y = [], O = 0; 128 > O; O++) y[O] = String.fromCharCode(O);
            C(true, true, (l(((l([(V(b, (V(b, function(R, w) {
                (w = Z(P(R), R), qO)(R.A, w)
            }, (V(b, function(R, w, q, N) {
                k((w = g((N = P(R), R)), q = P(R), q), R, Z(N, R) >>> w)
            }, (k(97, (V((V(b, (k(230, b, (V(b, (b.uf = (k((k(162, b, (V(b, function(R, w, q, N) {
                (N = Z((w = (q = (w = P(R), N = P(R), P(R)), Z)(w, R), N), R), k)(q, R, +(w == N))
            }, (V(b, (V((V(b, (V(b, (V(b, (V(b, function(R) {
                bo(R, 1)
            }, (k(17, ((V(b, (b.HZ = (V(b, function(R, w) {
                R = (w = P(R), Z(w, R.A)), R[0].removeEventListener(R[1], R[2], c)
            }, (k(507, b, (V(b, function(R, w, q, N, u, M, H) {
                for (u = (q = Z(92, (w = (H = mj((N = P(R), R)), ""), R)), q.length), M = 0; H--;) M = ((M | 0) + (mj(R) | 0)) % u, w += y[q[M]];
                k(N, R, w)
            }, ((V(b, ((V((k((k(366, (k(356, b, (V(b, (V(b, (V(b, (V((k(182, (k(305, (k((b.Su = (V(b, (V(b, function(R, w, q) {
                A(w, false, true, R) || (w = P(R), q = P(R), k(q, R, function(N) {
                    return eval(N)
                }(xP(Z(w, R.A)))))
            }, (V(b, function(R) {
                HW(R, 4)
            }, (k((b.s = (b.DP = (b.L = 1, b.G = void 0, b.rt = [], b.KI = false, (b.W = void 0, b.Y = 0, b.X = (b.o = (b.A = b, []), b.l = (b.v = 0, O = (b.g = null, b.j = 0, (b.S = (b.N = false, void 0), b.wt = 0, window).performance) || {}, (b.P = 0, b).I = !(b.Z = 8001, 1), b.H = [], []), (b.i = void 0, b.U = 25, b.C = void 0, b.R = [], (b.V = void 0, b).RQ = function(R) {
                this.A = R
            }, b).K = [], 0), (b.F = 0, O).timeOrigin || (O.timing || {}).navigationStart) || 0), void 0), 319), b, 0), k(351, b, 0), 475)), 168)), function(R, w, q) {
                0 != (q = Z((w = P(R), q = P(R), q), R), Z(w, R)) && k(319, R, q)
            }), 342), 0), 253), b, []), b), b), b), 0), b), function(R) {
                bo(R, 4)
            }, 267), function(R, w, q, N, u) {
                (q = (u = Z((w = Z((u = P((q = (N = (w = P(R), P)(R), P)(R), R)), w), R.A), u), R), N = Z(N, R), Z)(q, R), 0) !== w && (q = vW(1, R, u, q, w, N), w.addEventListener(N, q, c), k(182, R, [w, N, q]))
            }), 261), function(R, w, q, N, u) {
                (w = (q = P((N = (u = P(R), P)(R), R)), P(R)), q = Z(q, R), w = Z(w, R), N = Z(N, R), k)(u, R, vW(w, R, q, N))
            }), 222), function(R, w, q, N) {
                (w = P((N = (q = P(R), P)(R), R)), k)(w, R, Z(q, R) || Z(N, R))
            }), 381), {})), b), 0), 270), b, z), b), function(R) {
                Zb(R, 3)
            }, 395), V)(b, function(R, w, q) {
                k((q = Z((w = P((q = P(R), R)), q), R), q = R8(q), w), R, q)
            }, 405), function(R, w, q, N) {
                !A(w, false, true, R) && (w = rl(R), q = w.J, N = w.AN, R.A == R || q == R.RQ && N == R) && (k(w.aQ, R, q.apply(N, w.O)), R.F = R.D())
            }), 234), V)(b, function(R) {
                Zb(R, 4)
            }, 203), 335)), [160, 0, 0])), 206)), 0), function() {}), 503), V)(b, function(R, w, q, N, u, M, H, r, m, L, X, G) {
                function Q(n, h) {
                    for (; q < n;) G |= g(R) << q, q += 8;
                    return h = G & (1 << n) - 1, q -= n, G >>= n, h
                }
                for (X = (L = (q = G = (M = P(R), 0), (Q(3) | 0) + 1), u = Q(5), N = 0), m = []; N < u; N++) H = Q(1), m.push(H), X += H ? 0 : 1;
                for (X = (w = (N = ((X | 0) - 1).toString(2).length, []), 0); X < u; X++) m[X] || (w[X] = Q(N));
                for (N = 0; N < u; N++) m[N] && (w[N] = P(R));
                for (r = []; L--;) r.push(Z(P(R), R));
                V(R, function(n, h, Y, NO, t) {
                    for (h = (NO = [], 0), Y = []; h < u; h++) {
                        if (t = w[h], !m[h]) {
                            for (; t >= Y.length;) Y.push(P(n));
                            t = Y[t]
                        }
                        NO.push(t)
                    }
                    n.S = Db(n, (n.C = Db(n, r.slice()), NO))
                }, M)
            }, 94), b), []), 367)), function(R, w, q, N) {
                (N = Z((q = Z((w = (q = P(R), P)(R), q), R), w), R), k)(w, R, N + q)
            }), 58), function(R, w, q, N, u, M) {
                if (!A(w, true, true, R)) {
                    if ("object" == R8((R = Z((M = (w = (M = (q = (w = (N = P(R), P)(R), P(R)), P(R)), Z)(w, R), Z)(M, R), q = Z(q, R), N), R), R))) {
                        for (u in N = [], R) N.push(u);
                        R = N
                    }
                    for (N = (u = (q = 0 < q ? q : 1, 0), R).length; u < N; u += q) w(R.slice(u, (u | 0) + (q | 0)), M)
                }
            }), 341), function(R, w, q, N) {
                if (w = R.rt.pop()) {
                    for (q = g(R); 0 < q; q--) N = P(R), w[N] = R.K[N];
                    R.K = (w[253] = R.K[253], w[97] = R.K[97], w)
                } else k(319, R, R.j)
            }), 327), b), function(R, w, q) {
                w = P(R), q = P(R), k(q, R, "" + Z(w, R))
            }, 455), function(R, w, q, N, u) {
                for (q = (u = P(R), w = mj(R), N = [], 0); q < w; q++) N.push(g(R));
                k(u, R, N)
            }), 34), 117)), T)(4)), 205), b, 524), 0), function(R, w, q, N) {
                N = (w = P((q = (N = P(R), P(R)), R)), Z(N, R)), q = Z(q, R), k(w, R, N in q | 0)
            }), 79), [0, 0, 0])), function(R, w, q, N, u) {
                (q = (u = (N = P(R), P(R)), P)(R), R).A == R && (q = Z(q, R), w = Z(N, R), u = Z(u, R), w[u] = q, 377 == N && (R.G = void 0, 2 == u && (R.V = B(32, R, false), R.G = void 0)))
            }), 474), b), function(R, w, q, N, u, M) {
                A(w, false, true, R) || (N = rl(R.A), w = N.AN, M = N.O, q = N.J, u = M.length, N = N.aQ, w = 0 == u ? new w[q] : 1 == u ? new w[q](M[0]) : 2 == u ? new w[q](M[0], M[1]) : 3 == u ? new w[q](M[0], M[1], M[2]) : 4 == u ? new w[q](M[0], M[1], M[2], M[3]) : 2(), k(N, R, w))
            }, 317), b), 2048), 89)), 473)), function(R, w, q, N) {
                k((N = (q = Z((w = P((N = (q = P(R), P(R)), R)), q), R), Z(N, R)), w), R, q[N])
            }), 380), uo)], b), l)([S, I], b), [f2, K]), b), b))
        },
        l = function(b, I) {
            I.R.splice(0, 0, b)
        },
        XO = function(b, I, K, O) {
            try {
                O = b[((I | 0) + 2) % 3], b[I] = (b[I] | 0) - (b[((I | 0) + 1) % 3] | 0) - (O | 0) ^ (1 == I ? O << K : O >>> K)
            } catch (y) {
                throw y;
            }
        },
        n2 = function(b, I, K) {
            if (3 == b.length) {
                for (K = 0; 3 > K; K++) I[K] += b[K];
                for (b = [13, 8, 13, 12, 16, 5, 3, 10, 15], K = 0; 9 > K; K++) I[3](I, K % 3, b[K])
            }
        },
        GJ = function(b, I, K, O, y) {
            for (y = (K = K[3] | (O = K[2] | 0, 0), 0); 14 > y; y++) I = I >>> 8 | I << 24, I += b | 0, K = K >>> 8 | K << 24, b = b << 3 | b >>> 29, I ^= O + 2298, K += O | 0, K ^= y + 2298, b ^= I, O = O << 3 | O >>> 29, O ^= K;
            return [b >>> 24 & 255, b >>> 16 & 255, b >>> 8 & 255, b >>> 0 & 255, I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255]
        },
        v = function(b, I, K, O) {
            for (K = (b | 0) - 1, O = []; 0 <= K; K--) O[(b | 0) - 1 - (K | 0)] = I >> 8 * K & 255;
            return O
        },
        wl = function(b, I, K, O, y, R) {
            if (!b.s) {
                b.v++;
                try {
                    for (R = (y = (K = b.j, void 0), 0); --I;) try {
                        if ((O = void 0, b).C) y = hW(b, b.C);
                        else {
                            if (R = Z(319, b), R >= K) break;
                            O = P((k(351, b, R), b)), y = Z(O, b)
                        }
                        A((y && y[$P] & 2048 ? y(b, I) : e([D, 21, O], b, 0), I), false, false, b)
                    } catch (w) {
                        Z(205, b) ? e(w, b, 22) : k(205, b, w)
                    }
                    if (!I) {
                        if (b.CI) {
                            b.v--, wl(b, 216630971487);
                            return
                        }
                        e([D, 33], b, 0)
                    }
                } catch (w) {
                    try {
                        e(w, b, 22)
                    } catch (q) {
                        f(q, b)
                    }
                }
                b.v--
            }
        },
        rl = function(b, I, K, O, y, R) {
            for (R = (K = ((O = (I = b[kP] || {}, P(b)), I.aQ = P(b), I).O = [], b.A == b ? (g(b) | 0) - 1 : 1), P(b)), y = 0; y < K; y++) I.O.push(P(b));
            for (; K--;) I.O[K] = Z(I.O[K], b);
            return (I.J = Z(O, b), I).AN = Z(R, b), I
        },
        vW = function(b, I, K, O, y, R) {
            function w() {
                if (I.A == I) {
                    if (I.K) {
                        var q = [F, O, K, void 0, y, R, arguments];
                        if (2 == b) var N = C(false, false, (l(q, I), I));
                        else if (1 == b) {
                            var u = !I.R.length;
                            (l(q, I), u) && C(false, false, I)
                        } else N = AW(I, q);
                        return N
                    }
                    y && R && y.removeEventListener(R, w, c)
                }
            }
            return w
        },
        E1 = function(b, I, K, O, y, R, w, q) {
            return O = [-9, -48, 48, 29, -71, -79, O, -95, 27, 81], R = Vj, q = b & 7, y = p[K.h](K.pI), y[K.h] = function(N) {
                q += (w = N, 6 + 7 * b), q &= 7
            }, y.concat = function(N) {
                return (w = (N = (N = -46 * I * I * w - -2208 * I * w + (N = I % 16 + 1, 1 * I * I * N) + q + 46 * w * w + O[q + 27 & 7] * I * N - -2944 * w + (R() | 0) * N - N * w, O)[N], void 0), O[(q + 21 & 7) + (b & 2)] = N, O)[q + (b & 2)] = -48, N
            }, y
        },
        C = function(b, I, K, O, y, R) {
            if (K.R.length) {
                K.I = (K.KI = (K.I && 0(), b), true);
                try {
                    y = K.D(), K.F = y, K.X = y, K.i = 0, O = p2(b, K), R = K.D() - K.X, K.Y += R, R < (I ? 0 : 10) || 0 >= K.U-- || (R = Math.floor(R), K.o.push(254 >= R ? R : 254))
                } finally {
                    K.I = false
                }
                return O
            }
        },
        J = z.requestIdleCallback ? function(b) {
            requestIdleCallback(function() {
                b()
            }, {
                timeout: 4
            })
        } : z.setImmediate ? function(b) {
            setImmediate(b)
        } : function(b) {
            setTimeout(b, 0)
        },
        e = function(b, I, K, O, y, R) {
            if (!I.N) {
                if ((b = (K = (0 == (R = Z(253, ((O = void 0, b) && b[0] === D && (O = b[2], K = b[1], b = void 0), I)), R).length && (y = Z(351, I) >> 3, R.push(K, y >> 8 & 255, y & 255), void 0 != O && R.push(O & 255)), ""), b && (b.message && (K += b.message), b.stack && (K += ":" + b.stack)), Z)(97, I), 3) < b) {
                    I.A = (K = (b -= (K = K.slice(0, (b | 0) - 3), (K.length | 0) + 3), Qj)(K), O = I.A, I);
                    try {
                        x(162, I, v(2, K.length).concat(K), 9)
                    } finally {
                        I.A = O
                    }
                }
                k(97, I, b)
            }
        },
        HW = function(b, I, K, O) {
            for (K = (O = P(b), 0); 0 < I; I--) K = K << 8 | g(b);
            k(O, b, K)
        },
        FO = function(b, I) {
            return I(function(K) {
                K(b)
            }), [function() {
                return b
            }]
        },
        cW = function(b, I, K) {
            return I.B(function(O) {
                K = O
            }, false, b), K
        },
        x = function(b, I, K, O, y, R) {
            if (I.A == I)
                for (R = Z(b, I), 162 == b ? (b = function(w, q, N, u) {
                        if ((u = (q = R.length, (q | 0) - 4 >> 3), R.hN) != u) {
                            u = (u << (N = [0, 0, y[R.hN = u, 1], y[2]], 3)) - 4;
                            try {
                                R.bf = GJ(io(u, R), io((u | 0) + 4, R), N)
                            } catch (M) {
                                throw M;
                            }
                        }
                        R.push(R.bf[q & 7] ^ w)
                    }, y = Z(230, I)) : b = function(w) {
                        R.push(w)
                    }, O && b(O & 255), I = K.length, O = 0; O < I; O++) b(K[O])
        },
        TJ = function(b, I) {
            if ((I = (b = null, z).trustedTypes, !I) || !I.createPolicy) return b;
            try {
                b = I.createPolicy("bg", {
                    createHTML: gl,
                    createScript: gl,
                    createScriptURL: gl
                })
            } catch (K) {
                z.console && z.console.error(K.message)
            }
            return b
        },
        p2 = function(b, I, K, O) {
            for (; I.R.length;) {
                K = (I.g = null, I).R.pop();
                try {
                    O = AW(I, K)
                } catch (y) {
                    f(y, I)
                }
                if (b && I.g) {
                    b = I.g, b(function() {
                        C(true, true, I)
                    });
                    break
                }
            }
            return O
        },
        AW = function(b, I, K, O, y) {
            if (O = I[0], O == W) b.U = 25, b.u(I);
            else if (O == E) {
                K = I[1];
                try {
                    y = b.s || b.u(I)
                } catch (R) {
                    f(R, b), y = b.s
                }
                K(y)
            } else if (O == zJ) b.u(I);
            else if (O == S) b.u(I);
            else if (O == f2) {
                try {
                    for (y = 0; y < b.l.length; y++) try {
                        K = b.l[y], K[0][K[1]](K[2])
                    } catch (R) {}
                } catch (R) {}(0, I[b.l = [], 1])(function(R, w) {
                    b.B(R, true, w)
                }, function(R) {
                    l([$P], (R = !b.R.length, b)), R && C(true, false, b)
                })
            } else {
                if (O == F) return y = I[2], k(332, b, I[6]), k(356, b, y), b.u(I);
                O == $P ? (b.H = [], b.K = null, b.o = []) : O == uo && "loading" === z.document.readyState && (b.g = function(R, w) {
                    function q() {
                        w || (w = true, R())
                    }
                    z.document.addEventListener("DOMContentLoaded", q, (w = false, c)), z.addEventListener("load", q, c)
                })
            }
        },
        MO = function(b, I) {
            return p[b](p.prototype, {
                pop: I,
                call: I,
                splice: I,
                document: I,
                replace: I,
                prototype: I,
                length: I,
                propertyIsEnumerable: I,
                floor: I,
                console: I,
                parent: I,
                stack: I
            })
        },
        Db = function(b, I, K) {
            return K = p[b.h](b.ju), K[b.h] = function() {
                return I
            }, K.concat = function(O) {
                I = O
            }, K
        },
        a, Zb = function(b, I, K, O, y) {
            (((y = (K = P((I &= (O = I & 3, 4), y = P(b), b)), Z)(y, b), I) && (y = Qj("" + y)), O) && x(K, b, v(2, y.length)), x)(K, b, y)
        },
        B = function(b, I, K, O, y, R, w, q, N, u, M, H, r, m) {
            if ((r = Z(319, I), r) >= I.j) throw [D, 31];
            for (w = r, u = (H = I.fI.length, b), q = 0; 0 < u;) M = w % 8, R = 8 - (M | 0), N = w >> 3, R = R < u ? R : u, O = I.H[N], K && (y = I, y.G != w >> 6 && (y.G = w >> 6, m = Z(377, y), y.W = GJ(y.V, y.G, [0, 0, m[1], m[2]])), O ^= I.W[N & H]), q |= (O >> 8 - (M | 0) - (R | 0) & (1 << R) - 1) << (u | 0) - (R | 0), w += R, u -= R;
            return k(319, I, (K = q, (r | 0) + (b | 0))), K
        },
        P = function(b, I) {
            if (b.C) return hW(b, b.S);
            return (I = B(8, b, true), I) & 128 && (I ^= 128, b = B(2, b, true), I = (I << 2) + (b | 0)), I
        },
        d, k = function(b, I, K) {
            if (319 == b || 351 == b) I.K[b] ? I.K[b].concat(K) : I.K[b] = Db(I, K);
            else {
                if (I.N && 377 != b) return;
                507 == b || 162 == b || 17 == b || 253 == b || 230 == b ? I.K[b] || (I.K[b] = E1(54, b, I, K)) : I.K[b] = E1(137, b, I, K)
            }
            377 == b && (I.V = B(32, I, false), I.G = void 0)
        },
        Qj = function(b, I, K, O, y) {
            for (y = (I = K = (b = b.replace(/\r\n/g, "\n"), 0), []); I < b.length; I++) O = b.charCodeAt(I), 128 > O ? y[K++] = O : (2048 > O ? y[K++] = O >> 6 | 192 : (55296 == (O & 64512) && I + 1 < b.length && 56320 == (b.charCodeAt(I + 1) & 64512) ? (O = 65536 + ((O & 1023) << 10) + (b.charCodeAt(++I) & 1023), y[K++] = O >> 18 | 240, y[K++] = O >> 12 & 63 | 128) : y[K++] = O >> 12 | 224, y[K++] = O >> 6 & 63 | 128), y[K++] = O & 63 | 128);
            return y
        },
        g = function(b) {
            return b.C ? hW(b, b.S) : B(8, b, true)
        },
        T = function(b, I) {
            for (I = []; b--;) I.push(255 * Math.random() | 0);
            return I
        },
        mj = function(b, I) {
            return (I = g(b), I) & 128 && (I = I & 127 | g(b) << 7), I
        },
        K2 = function(b, I, K, O) {
            return (O = d[b.substring(0, 3) + "_"]) ? O(b.substring(3), I, K) : FO(b, I)
        },
        c = {
            passive: true,
            capture: true
        },
        gl = function(b) {
            return b
        },
        U = function(b, I, K) {
            K = this;
            try {
                JW(this, b, I)
            } catch (O) {
                f(O, this), I(function(y) {
                    y(K.s)
                })
            }
        },
        hW = function(b, I) {
            return (I = I.create().shift(), b.C.create().length || b.S.create().length) || (b.C = void 0, b.S = void 0), I
        },
        kP = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        zJ = [],
        f2 = [],
        $P = ((U.prototype.FY = void 0, U).prototype.T = "toString", U.prototype.CI = false, []),
        W = (U.prototype.eu = void 0, []),
        E = [],
        S = [],
        uo = [],
        D = {},
        F = [],
        p = (((I8, T, XO, function() {})(n2), U.prototype).h = "create", D.constructor),
        Vj = ((a = U.prototype, a.nI = function(b, I, K, O, y, R) {
            for (R = [], K = O = 0; K < b.length; K++)
                for (O += I, y = y << I | b[K]; 7 < O;) O -= 8, R.push(y >> O & 255);
            return R
        }, a).GP = function(b, I, K) {
            return b ^ ((I = (I ^= I << 13, I ^= I >> 17, (I ^ I << 5) & K)) || (I = 1), I)
        }, void 0),
        PW = (((a.D = (a.B = (a.Mm = function() {
            return Math.floor(this.Y + (this.D() - this.X))
        }, a.dt = function() {
            return Math.floor(this.D())
        }, a.Oj = function(b, I, K, O, y) {
            for (y = O = 0; y < b.length; y++) O += b.charCodeAt(y), O += O << 10, O ^= O >> 6;
            return O = (b = (O += O << 3, O ^= O >> 11, O) + (O << 15) >>> 0, new Number(b & (1 << I) - 1)), O[0] = (b >>> I) % K, O
        }, function(b, I, K, O, y) {
            if (K = "array" === R8(K) ? K : [K], this.s) b(this.s);
            else try {
                y = [], O = !this.R.length, l([W, y, K], this), l([E, b, y], this), I && !O || C(I, true, this)
            } catch (R) {
                f(R, this), b(this.s)
            }
        }), (window.performance || {}).now ? function() {
            return this.DP + window.performance.now()
        } : function() {
            return +new Date
        }), U.prototype.u = function(b, I) {
            return Vj = (I = (b = {}, {}), function() {
                    return I == b ? -64 : -17
                }),
                function(K, O, y, R, w, q, N, u, M, H, r, m, L, X, G) {
                    I = (u = I, b);
                    try {
                        if (y = K[0], y == S) {
                            L = K[1];
                            try {
                                for (M = H = (R = (q = atob(L), []), 0); H < q.length; H++) O = q.charCodeAt(H), 255 < O && (R[M++] = O & 255, O >>= 8), R[M++] = O;
                                this.H = R, this.j = this.H.length << 3, k(377, this, [0, 0, 0])
                            } catch (Q) {
                                e(Q, this, 17);
                                return
                            }
                            wl(this, 8001)
                        } else if (y == W) K[1].push(Z(97, this), Z(162, this).length, Z(17, this).length, Z(507, this).length), k(356, this, K[2]), this.K[376] && yj(this, 8001, Z(376, this));
                        else {
                            if (y == E) {
                                (X = (G = v(2, ((H = K[2], Z(507, this)).length | 0) + 2), this).A, this).A = this;
                                try {
                                    w = Z(253, this), 0 < w.length && x(507, this, v(2, w.length).concat(w), 10), x(507, this, v(1, this.L), 109), x(507, this, v(1, this[E].length)), q = 0, N = Z(162, this), q += Z(366, this) & 2047, q -= (Z(507, this).length | 0) + 5, 4 < N.length && (q -= (N.length | 0) + 3), 0 < q && x(507, this, v(2, q).concat(T(q)), 15), 4 < N.length && x(507, this, v(2, N.length).concat(N), 156)
                                } finally {
                                    this.A = X
                                }
                                if (r = ((M = T(2).concat(Z(507, this)), M)[1] = M[0] ^ 6, M[3] = M[1] ^ G[0], M[4] = M[1] ^ G[1], this).sj(M)) r = "!" + r;
                                else
                                    for (q = 0, r = ""; q < M.length; q++) m = M[q][this.T](16), 1 == m.length && (m = "0" + m), r += m;
                                return Z(507, (Z(((k(97, (R = r, this), H.shift()), Z)(162, this).length = H.shift(), 17), this).length = H.shift(), this)).length = H.shift(), R
                            }
                            if (y == zJ) yj(this, K[2], K[1]);
                            else if (y == F) return yj(this, 8001, K[1])
                        }
                    } finally {
                        I = u
                    }
                }
        }(), U.prototype).V2 = 0, U.prototype).sj = function(b, I, K, O) {
            if (I = window.btoa) {
                for (O = (K = 0, ""); K < b.length; K += 8192) O += String.fromCharCode.apply(null, b.slice(K, K + 8192));
                b = I(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else b = void 0;
            return b
        }, U.prototype.XY = 0, /./),
        o8, BW = S.pop.bind((U.prototype[f2] = [0, 0, 1, 1, 0, 1, 1], U.prototype[W])),
        xP = (o8 = MO(U.prototype.h, (PW[U.prototype.T] = BW, {get: BW
        })), U.prototype.gt = void 0, function(b, I) {
            return (I = TJ()) && 1 === b.eval(I.createScript("1")) ? function(K) {
                return I.createScript(K)
            } : function(K) {
                return "" + K
            }
        }(z));
    (40 < (d = z.botguard || (z.botguard = {}), d.m) || (d.m = 41, d.bg = O1, d.a = K2), d).LDL_ = function(b, I, K) {
        return [(K = new U(b, I), function(O) {
            return cW(O, K)
        })]
    };
}).call(this);
#5 JavaScript::Eval (size: 64) - SHA256: 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e
0,
function(R, w, q) {
    k((q = (w = (q = P(R), P(R)), R).K[q] && Z(q, R), w), R, q)
}

Executed Writes (0)


HTTP Transactions (172)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3846
Expires: Thu, 24 Nov 2022 21:03:09 GMT
Date: Thu, 24 Nov 2022 19:59:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5860
Cache-Control: max-age=144588
Date: Thu, 24 Nov 2022 19:59:03 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:08:51 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Thu, 24 Nov 2022 21:35:56 GMT
Date: Thu, 24 Nov 2022 19:59:03 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 19:18:59 GMT
cache-control: public,max-age=3600
age: 2404
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: N1zfAkIMDQ6AN0prB9uJvtkO2J3gsyQmgwsEC1V6HeGRSl2xVK3j8Kvsmkqjgh/X9TfM6ktQsn4=
x-amz-request-id: 9FMGQP5R1SDCSMS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 19:40:31 GMT
age: 1112
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         198.187.29.109
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Thu, 24 Nov 2022 19:59:03 GMT
server: LiteSpeed
location: https://glennmarkdizon.com/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 19:59:03 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 19:08:53 GMT
cache-control: public,max-age=3600
age: 3010
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5257
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 19:59:03 GMT
Last-Modified: Thu, 24 Nov 2022 18:31:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:03 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 18:49:10 GMT
Expires: Mon, 28 Nov 2022 18:49:09 GMT
Etag: "ea5e2514c52e148ded3b5eceecbf04643e8ad14c"
Cache-Control: max-age=340805,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4b90f7acdb4ff-OSL

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 15ruoCu8cPwmAnLgvh53AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.213.75
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 74TwQBWGCPOFj8dtmDWbhubA7ug=

                                        
                                            GET / HTTP/1.1 
Host: glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         198.187.29.109
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-pingback: https://www.glennmarkdizon.com/xmlrpc.php
x-redirect-by: WordPress
location: https://www.glennmarkdizon.com/
content-length: 0
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23300
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Size:   23300
Md5:    f5ea130c187c885b87f09d13b6afa9c2
Sha1:   58ac225ebda0f0f7b5e1f2c57a14b8f5c0e19a7c
Sha256: b68502649329703c615cad6731faa350cd52f785081710d87a82f6488a2bf64e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=170054
Date: Thu, 24 Nov 2022 19:59:04 GMT
Etag: "637fb2ab-117"
Expires: Sat, 26 Nov 2022 19:13:18 GMT
Last-Modified: Thu, 24 Nov 2022 18:06:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /wp-content/cache/wpfc-minified/79tjo3f4/ab39e.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10957
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65517)
Size:   10957
Md5:    5b3b0083c3dfe8d164683c33929dda7b
Sha1:   dbab68ae166e3f8769066b6cad03ce72d98d11c8
Sha256: 2985202349399d40c5bd4fc32f52cdb82775c176224b08b2384f5ba7e7c8b455

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/cache/wpfc-minified/qtjdgbki/fr1mn.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 21:10:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16418
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   16418
Md5:    604b4b0177e09915b54398381cd1ff79
Sha1:   d72ff5c1624b996bf25c7d8514555784a6eb2552
Sha256: 440d5002a7e4c5add5df83138421acbe29c0e2859258ca8981e712c6ec4db0b4

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-11.css?ver=1668580950 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:42:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 364
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1244), with no line terminators
Size:   364
Md5:    92033d2ab63fcea3f4a50b7ffc8bb6a9
Sha1:   7b5246a7af243f5ddf8e943f35ca465ec1e448f4
Sha256: 4188b340d2337c4732ef47464e6018e79e941750b4683dea85a235c448e8dba7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4536
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20596)
Size:   4536
Md5:    558f42780be85751a7b77e207c7f2b03
Sha1:   071a66e0279541ce7d3777a55643c34e122ea06c
Sha256: c540828c392a38be24d1d28a202ff4e9a478b45549948d8418d0e81bd20f15d7

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/cache/wpfc-minified/f12l1vzu/41kvu.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7216
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39280)
Size:   7216
Md5:    69c00878d510b6035128d975734014fc
Sha1:   46e69cd6683e4901c97a48d39f2c4c4ece0628ac
Sha256: 3231297f5675fd1f3454182331e0d24a9fbc1781daab7c6ca9bc765830f08e75

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12280
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59598), with no line terminators
Size:   12280
Md5:    b268ed80c5f11ea6bf7987ab6b99eaa9
Sha1:   15add3ec9d5336462b9522a7584c66f58180ba28
Sha256: 96e7c84e13979da6573098cc76072f20884cacb1ce2e2786d8163104397dedf4

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-31.css?ver=1668580952 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:42:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1714
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5828)
Size:   1714
Md5:    41c0c7cff12d3f3f2ce44213a25594b0
Sha1:   3517ebb78f0309e1258ef42f7a5f50815df2b072
Sha256: b1ef76b17de9df92043e1a7ec71155c2e0b65faf2c66f648621ea53f115d5127

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-2.css?ver=1668582133 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 07:02:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5499
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (44672)
Size:   5499
Md5:    8f04bad0f4c8e873351f42d1eff427cf
Sha1:   615033e0e6dfb6ece597a039074774978df636bf
Sha256: e454e4922b625dc23068b90efcf57160108a5eae9935991df95a221984ea2f40

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Mon, 08 Aug 2022 14:03:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 287
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   287
Md5:    9cfc60525bfc5d073088e68254b87b1a
Sha1:   1d85ee6b11cf58bf9a822e1faf03b2dba630ad12
Sha256: de286cadb2def7a628c401906d9abfa5669015f51de399cbd5bc3a7867862145

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-19.css?ver=1668580952 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:42:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1080
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2398), with CRLF, LF line terminators
Size:   1080
Md5:    c58a66ea1e0369666a12ccd49563e730
Sha1:   2bc6f3bb11d5645c6b58be8baae2e93ffcd6de6e
Sha256: 5900e442cb7163937c11c33d541bf37db64b45855c6f1193888a96a7e2c5c127

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 79305
etag: "89accd230fba95fe0049678070817b36ead015fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5070
Md5:    0856fdb55f19f03a1bec38b3d6e0ac77
Sha1:   89accd230fba95fe0049678070817b36ead015fa
Sha256: 17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
age: 79919
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 45898
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 45823
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6789
Md5:    d9d93b2a6875d446c3467eb49767eef5
Sha1:   303c571b13b05fcf27ee1159d8fdf6369aaef0a2
Sha256: 2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 79758
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13882
Md5:    64d79191f005c9876b952c5f948aa0f7
Sha1:   1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
Sha256: 00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 78911
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7462
Md5:    b4157f2c5c3c77ce699324ecb08f47c7
Sha1:   a7d9135f9d01ba13c3cdaf8b038c70212f159297
Sha256: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
                                        
                                            GET /wp-content/cache/wpfc-minified/86mths0t/41kvu.js HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 33590
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65355)
Size:   33590
Md5:    9cce7f9a0b0947d811ae7881e41df566
Sha1:   d1384a96d6373b2cc907dad1ee5a996cbb46f53f
Sha256: a8f1b4d1e14d4d828e50a38cf685372e51622a196eb5be37c47a2dac4ffead90

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/cache/wpfc-minified/130m63we/41kvu.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5073
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48579)
Size:   5073
Md5:    1455a28a05089d9a6751985dd94c2cfb
Sha1:   0437523688a53c0ada2da4c16bde6137794afaf1
Sha256: a4df5226ecb5a2f19182bd787a2c534c00599f0bf691ac1950c9aa5d1b034ea1

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-Shopify-pt2y1lg4yw6bpqq6vplb81dg49gf9ohpjilch8bofc.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 4282
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   4282
Md5:    bb0d0772bad9b88c081ba7fca06fb12d
Sha1:   1b7acc88cfd137af21fcb0ff9abbfb768703105c
Sha256: 2b30b52b80fc37cf53eb939f18dcd399b8103c4b20e6166965dc94860201a4b0

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-Wordpress-pt2y1nbtck8wcyngkqekd0wdb175p2p67rwbfs8w2w.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3901
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3901
Md5:    062bb3f100224787c8cac10a5d2c6be9
Sha1:   c3a5853928262f97cccd1b2fb26b4dc2ec186671
Sha256: bfcb4f63fd7bc27818b902f77c88b46927df345b4eabda9917d2726e8dcbe517

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/elementor-pt2y17ck4dn0vlao61hwomxj7hdx27xqhkt2a2wl0o.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3986
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3986
Md5:    e0d48d94a0a35ba69a314be3fec11d0d
Sha1:   500a7bc35022a71787837ae5ebea5871c327111f
Sha256: 2fa14fbb7bd5461d3af10e4a60658663059a47f33e776bd59322550ffa23380c

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-HTML5-pt2y1b3wvps66157k34eylzdl0vdx0cnu3f076r0bs.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 2783
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   2783
Md5:    fb7d6a3ac5382e210a60a577eec114b0
Sha1:   ef2f93c62c461e173df98bc219088fe71d6e5844
Sha256: 25058f0da8b2c7977897f1ec0f87849968d74049568eaebe343b2741e0697f5f

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-CSS3-pt2y1988i1plit7xv2b5tmgge94nhm575u418mtso8.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 2897
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   2897
Md5:    25bafe78742a2d6acd0ed82a7446fa7d
Sha1:   d45bd52541342b02f243bba3ed622bdcdc422603
Sha256: 19057893cd0d90ad5cd83bf7a4926804b76e315e0ab21e0df4792487c0d0513c

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/namecheap-pt2y1s10aqfbz0gmtafp7hpo9yjzrk7twf5qu61x7s.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3333
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3333
Md5:    1564a44d7e81ddf5227dd4766aa508cb
Sha1:   e7046f47130b781bd3cac4bf2c8cbe298fb8c46f
Sha256: dbbdd9028c8e464ff576e979c347635b5ff867e138c89cbfb35e01a889dc5c20

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-Photoshop-pt2y1jkgl83r2isx6os231uixhpouaa8v9adioegrs.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3768
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3768
Md5:    ae4de1fa77573dd7a2ac69896c473065
Sha1:   9f4a6d1b9f8658f901808ecf998eb9b11577f502
Sha256: 205ecd1e43eca1def39d6a6c2075646e19c7d06a1e4976805ec3bb5497b906d8

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-HostGator-pt2y1a62ovqvuf6kpkpse47wzn00pb8xhyripwsei0.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 4910
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   4910
Md5:    9071bcb5a072e810ac270a86196f17fc
Sha1:   66c4075cae05c95075e3bf19f93082fa5646208c
Sha256: 6df6139a2c6985b6bb6973f99056bccf830c81d084c183b9004e277c7b9e7124

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/shopee-pt2y13l7d1hvl5g4rzveenvotxwg7fit5274cz25pk.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3336
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3336
Md5:    765fdc719233f33a0cf8a98f3d99011c
Sha1:   c61f8531ad94e63e51a8e114e31b236a31bb26ba
Sha256: 933e91f9c6e053735b422e6d9b3c29480ddc4f4cf71ad4d27600854ed16297a6

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-WPengine-pt2y1p7hq8bh06kq9r7ti0fahsxw4gwmw17aec63qg.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3271
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3271
Md5:    fcef63af0518b0d13041502544a3d231
Sha1:   577da15dc9e891c9349f2fe06178dad290808472
Sha256: 748cd20d28be695bafeaae7d1eb85c1cd407e6d88c58faaddadcf3c0d583628a

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/Untitled-2-pt2y15gvqpkg8ddeh0onjnem0pn6mtq9tbi3bizdd4.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3375
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3375
Md5:    1925d84fe3988cec8251658434b22a6b
Sha1:   066b07e1353baab964a68744b2c89633dd7485c1
Sha256: b9cbf8fbeb39bf8709c71425a83803cd0b2fa18842fce009eaa9e5171d4424e2

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/thumbs/logo-Illustrator-pt2y1dxfg7w14v143mcao39rd6hhk3nuuhdgn0mtt4.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3688
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   3688
Md5:    747b717b917ab49daae2e7d54e3c7d3e
Sha1:   8827fb28d9254a363724c965086ca8ec14ae641a
Sha256: 497cb2861e9ef3a90f9fa8b2b85ee201f4ee6f9b37fa9b9cdae0fab18de5832f

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/cache/wpfc-minified/lx9btp4a/41kvu.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3345
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (36838), with no line terminators
Size:   3345
Md5:    3053705e86436f1507e5f5e3d9c78611
Sha1:   2cfe3797cb07db8ad1584986004a59755ceef7e5
Sha256: e9d21ad4e49760e27bf26891ccd4ff0acd7acb7895d7ff234d25604d99ea4e32

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Mon, 08 Aug 2022 13:57:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 953
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3164), with no line terminators
Size:   953
Md5:    4a7d773f90facef221a9cfa11bdb2973
Sha1:   5ecb3100b641b2af7f7d56533a14b23fcaf15787
Sha256: 0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Tue, 22 Nov 2022 11:12:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2731
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8185), with no line terminators
Size:   2731
Md5:    ba446cbbeaa0ebc4d483c0af3c8011a9
Sha1:   b3db5d00f7eb45930023bee244092cd0cd38c1a8
Sha256: 54afa453a475042c53f887f928eccc98162050432fecb325caf3df562a484a44

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 21:15:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 626
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1594), with no line terminators
Size:   626
Md5:    32774a9240f7180491544bc57c2c34ac
Sha1:   b3c625489a17de8eacdc131a0c58dd0925497edf
Sha256: 646361968934ca7f7459cf22d81bc56f40e446376c49a94bbf22f4691aee7ed1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25115)
Size:   6935
Md5:    e8d8c6e4997a420abc51e5fa8c1caa8b
Sha1:   39ae930f057de725cff8549eed82f31f8d0816c1
Sha256: 730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1733
Md5:    fa921f07ecc438baf227765de450e215
Sha1:   1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
Sha256: b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2208
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5191)
Size:   2208
Md5:    e4998c3ccd0be231c124cc8b901c9fb3
Sha1:   48f7574440965c442de02067c8a830fd2ce88533
Sha256: d7cb3803938f026316dd1ac3056c785c9a56148783a8d8180c1aa0bb0a5e7961

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2274
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   2274
Md5:    42c158f69cb0e3a2a07a7e4aa108138d
Sha1:   a0887957851c1fb2a575429361e17a75d28f3f70
Sha256: c97662942502af783f14fca6970a683f62d7d10f112e867c52f34d9b6a272d07

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32907)
Size:   10425
Md5:    72fd7d7a61961996172a081cb3eed6cb
Sha1:   7f6d4dc14ef08153606c57d374fd50b685ba383d
Sha256: 757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 87897
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 03:40:18 GMT
expires: Wed, 22 Nov 2023 03:40:18 GMT
cache-control: public, max-age=31536000
age: 231527
last-modified: Mon, 18 Jul 2022 19:24:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 34500, version 1.0\012- data
Size:   34500
Md5:    faff0ee016116a366390902ac4445672
Sha1:   f0392ff9fc0b9fd3169662810504bb0108857e4a
Sha256: 7537368c23adecd664ec589e81d5279bbc5ff02c09d52247daf460e2046c4cdc
                                        
                                            GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 90167
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size:   17368
Md5:    abe083d96b58eb02ada8b7c30d7b09f2
Sha1:   61447d66d13a8c8f4335696777a85c438c46f749
Sha256: db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
                                        
                                            GET /s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 20:06:17 GMT
expires: Tue, 21 Nov 2023 20:06:17 GMT
cache-control: public, max-age=31536000
age: 258768
last-modified: Wed, 27 Apr 2022 16:11:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12908, version 1.0\012- data
Size:   12908
Md5:    16665b9f4631861e47e30e227eea4da4
Sha1:   bf293bdca2aea57481dd3055cbfc8ae63e132302
Sha256: 3ac7f47be06ed56cebf7d19f23386fa58144a3fec5dfb68a82edcecc20df444a
                                        
                                            GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:39:55 GMT
expires: Sat, 18 Nov 2023 23:39:55 GMT
cache-control: public, max-age=31536000
age: 505150
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Size:   13196
Md5:    5b9fce771bd530ab9767e2b5aebd28c1
Sha1:   28ee5935b59df8b2d6876707e1f0f0e6768d2d31
Sha256: a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
                                        
                                            GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:50:27 GMT
expires: Thu, 23 Nov 2023 21:50:27 GMT
cache-control: public, max-age=31536000
age: 79718
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size:   13324
Md5:    b4082c888eefa2dca3fe2c9d46a87180
Sha1:   05aeb6c58175f659fe59eaca5a9d3735dd0530e3
Sha256: 352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
                                        
                                            GET /s/teko/v15/LYjCdG7kmE0gdQhfsCRgqA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 23:59:27 GMT
expires: Thu, 23 Nov 2023 23:59:27 GMT
cache-control: public, max-age=31536000
age: 71978
last-modified: Wed, 27 Apr 2022 16:12:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12920, version 1.0\012- data
Size:   12920
Md5:    4e9bb95d9d1d1977ad49de19cc440798
Sha1:   f329c5954156fda7ad91aca3f7176825e1deeaa7
Sha256: 7ca4f53e3c51595a3147ed5b6c325af58291810132602f0b2bc9305faeea770b
                                        
                                            GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 598808
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size:   33580
Md5:    848cd2ecd011428969dc6b90431bc482
Sha1:   6b1a7b562a56bd54510e0f6f95e26babca331a1b
Sha256: 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2354
Md5:    4e773d7cec56bacab6d2db420be6f262
Sha1:   c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
Sha256: 5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/cache/wpfc-minified/6jw9eva4/41kvu.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 876
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11736), with no line terminators
Size:   876
Md5:    75770153fafe35685a4fd3af6fc83d2d
Sha1:   77bfd1b39a070d3dabfa7d0994e737638871f540
Sha256: 2b85df6dfce745a3560d171f592e0264c9d3d9ac67e28d45da8b3a17f7fdbb17

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/cache/wpfc-minified/fptr1xbo/41kvu.css HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2442
Md5:    d2db71c82a8f672aea59a3e050cd8cd7
Sha1:   af626566f94b3164e4310288cfb142431e8349a6
Sha256: bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 02 Nov 2022 03:43:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size:   6335
Md5:    fecbc00e8af71d8cfb678cd811c7cb2e
Sha1:   44e5dd77f62cb5c67271442b75cdff10d45f2f8d
Sha256: d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   1575
Md5:    06a8ac0e71976bc143cfa7861a31169d
Sha1:   def6031fe13259bf17752661832d815e37068bf2
Sha256: e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 02 Nov 2022 03:43:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3717
Md5:    f7acc55c5b34188d3e66c5f2ecf3ba80
Sha1:   802270f7a221e406af63d622d364b119d912c15b
Sha256: 826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5541
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21520)
Size:   5541
Md5:    f0e84537d354c9d7fb417acba75f1653
Sha1:   951a99450e68b70dd4fe96d2e9d78bac403c300e
Sha256: 5583cd2973b67e37163e8bbc5c83e3d0f5b73e0457ec7b3d0d1748b6ea6e5d3a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   2867
Md5:    869caa171b68cbec9fee5abbfb944ee8
Sha1:   f237e485e41f88b77384cfdb880f9d5a8f46eac8
Sha256: 25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 02 Nov 2022 03:43:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6800
Md5:    3d0ff0f6731d9cef860af9a5a0e3ce62
Sha1:   13aed444304d782039e261475c8b4450b83e743e
Sha256: e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14013
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40474)
Size:   14013
Md5:    80ea5e6364819060d3ff0eb352c659b7
Sha1:   f0be9c1c7847452e72308179235c6174c996233b
Sha256: adb011166bf2c942b960995ea4fc1c74a7981c5d025164ee8935db98ddb07b19

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6449
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24753)
Size:   6449
Md5:    d96ee6f32f0e67ba70c27a29700c0115
Sha1:   587a4e1c432a35a9c53ba3380b8aa204a176fbd4
Sha256: 86e714e095b0a12d1cbcf4f7bfade2978db9e3010821400709ec154ba343aede

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1442
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3720)
Size:   1442
Md5:    28591e063f51afa032f2605cfb94e626
Sha1:   abdf45f59842867e3e07a79b902b59b53cdb02c7
Sha256: a9801cf7c307371a05e3353dcf3da66ae32588136a92732a88d0745b8e08d100

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/glow.jpg HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 00:58:48 GMT
accept-ranges: bytes
content-length: 153099
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 600x1765, components 3\012- data
Size:   153099
Md5:    c209af520cd47ed4f20470621981b2e4
Sha1:   0a02fc1ebdaefdde41c2c7ffadf5202a64252900
Sha256: 27c9a0749205167838c52ff9de0422fc39698683af1c72875f1ebf2c2772e871

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/go.jpg HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Fri, 12 Aug 2022 09:32:32 GMT
accept-ranges: bytes
content-length: 185417
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 600x1897, components 3\012- data
Size:   185417
Md5:    b84f3f0c427735cba8b8a0fe78557a7b
Sha1:   2766dd223c34865ea7696b6d24c5a78f948182c9
Sha256: 017a5a0a0f0343549f728d37b827f94748feaeceddfcf97746b9fdfbd4f1af56

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/bg.webp HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/webp
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 10 Aug 2022 21:49:14 GMT
accept-ranges: bytes
content-length: 50346
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   50346
Md5:    9fcf1463c71292f02f3c204f637e05b1
Sha1:   e8399d14c60f329c97c0cc2700a9d545aac4bf51
Sha256: eb385a1d07c938205381ddba2642b44b06c1089e5478ff9c8106d6e61281457a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/dmp.jpg HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 00:58:37 GMT
accept-ranges: bytes
content-length: 238029
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 600x1853, components 3\012- data
Size:   238029
Md5:    5c3e5995264dcff7048d5172bc8d6fca
Sha1:   9be54a3966d9e986fbda64ff9dd4b41c983afcc7
Sha256: 40bc3f4431bf873d953b805d84d15db8187f6a96b2b0bcb12709346868beae71

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/web-design.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 10 Aug 2022 18:10:51 GMT
accept-ranges: bytes
content-length: 17423
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 256 x 256, 16-bit/color RGBA, non-interlaced\012- data
Size:   17423
Md5:    3e3db35e684d78168abce6cb1524b3b3
Sha1:   9c0afc30bdf6f5e31ec1bee7727ba228795d8681
Sha256: 0d6efa5c1b5bb5c2047bb05d6978e1310e14edc330da92a3bcab0af93ffd47c4

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/Industry-Bold.woff HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: max-age=A10368000, public
last-modified: Wed, 10 Aug 2022 14:47:54 GMT
accept-ranges: bytes
content-length: 21988
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 21988, version 0.0\012- data
Size:   21988
Md5:    7625d0cbac06b1c7f639d3e5b19dbd2e
Sha1:   222614bc82fff15ecdc843927e0707d97eb7261e
Sha256: 3a9054fdd24aea91754ac01e4ca2bab64622c02900c4dec131be8789aedbf367

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5519
Cache-Control: max-age=111138
Date: Thu, 24 Nov 2022 19:59:07 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 02:51:25 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2022/08/ui.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 10 Aug 2022 18:10:50 GMT
accept-ranges: bytes
content-length: 27319
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 256 x 256, 16-bit/color RGBA, non-interlaced\012- data
Size:   27319
Md5:    a1775be50c6146a33e111eb99e4c0748
Sha1:   a87376ac5da476b9107e35160651efaa4f97a646
Sha256: 6289975037106e189a89cafeff127d0cfdb34db504df3d16bba0c35a6bbcac0d

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/2.jpg HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 11 Aug 2022 00:14:37 GMT
accept-ranges: bytes
content-length: 213053
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1894x972, components 3\012- data
Size:   213053
Md5:    217c9ab0419a92e5faca541e47d46596
Sha1:   c64ada491942b98c079a1a488e805f93b1ae503d
Sha256: 74fd72bcd233e7ccb122f9b4b8cff9b90cc7c9c44a3d1ac22e99fc8a0c0a26eb

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /assets/booking/js/locales/en-5ce89ddb.chunk.js HTTP/1.1 
Host: assets.calendly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         172.66.43.26
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 19:59:07 GMT
cf-ray: 76f4b926ff2bb529-OSL
age: 284553
cache-control: public, max-age=31536000
etag: W/"5777d56f8757afb041bd71777ba2c269"
expires: Fri, 25 Nov 2022 19:59:07 GMT
last-modified: Mon, 21 Nov 2022 12:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (25489), with no line terminators
Size:   9038
Md5:    35b3bf3e63c7324c2d2267fa3745b993
Sha1:   da0386c29eb21020fa5574ccdbf7c3e53ca0a271
Sha256: 9f61ed30601ef521806c5fa50e186a798631ab1ce258016ff49425903d155f85
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1172
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3262)
Size:   1172
Md5:    1f95630d4f2fb8bf9de5439bbcbd90e7
Sha1:   b54331bd36ece8ecce75a79317cf580ec4db55c8
Sha256: 956f6c7592a93b3b069f9a1958cb992ff789a6e9c40aae30f68e0a858d9dd02a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2613
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7828)
Size:   2613
Md5:    84d2b938cc5d8f6afe1819a456eca7cf
Sha1:   19c881484ea45407eed28135f284448d1ae26388
Sha256: c6eece1ddff8d9c24132eba8970829a3b029777806da856193b11639f9229bce

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1320)
Size:   599
Md5:    b59e163b50b8e62a7e08b4ce88241b48
Sha1:   4f45b1e9e0270133c35c43a1a33d5b2d292b8693
Sha256: 73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1106
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2738)
Size:   1106
Md5:    342e83f267626b6f21cf7991fec9cf80
Sha1:   c05d9303d2d4e452fbbea9b3f9f95971619e81ce
Sha256: 83ccf5a8047707030e4ee4d08611ec393a84a8ff9ebc24e1798e54716af23076

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/08/gmd-logo-with-white.png HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Wed, 10 Aug 2022 16:02:04 GMT
accept-ranges: bytes
content-length: 55618
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 494 x 348, 8-bit/color RGBA, non-interlaced\012- data
Size:   55618
Md5:    a44ca03f27dda10a0eece2ccb8bfe4db
Sha1:   2da349e8768d68b51ecdfa95cc671a7468edbc7f
Sha256: 8c949245ee63715a22e03bade20eefabafb3ee3712b16994bcecb6ba54d767f5

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: www.glennmarkdizon.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         198.187.29.109
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 76764
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size:   76764
Md5:    f7307680c7fe85959f3ecf122493ea7d
Sha1:   fce0da592a3e536d6d5df5b50cb513398d8c5161
Sha256:&nb