Report - glennmarkdizon.com/

Report Overview

Submitted URL
glennmarkdizon.com/
IP
198.187.29.109
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-24 19:59:15
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
368

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.213.75
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	478 B	795 B	13.107.21.200
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	937 B	582 B	20.75.32.255
heapanalytics.com	27367	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	706 B	361 B	54.159.51.104
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	746 B	142.250.74.10
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.3
assets.calendly.com	15697	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	12 kB	172.66.43.26
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	164 kB	142.250.74.163
m.stripe.network	1204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	864 B	18 kB	151.101.84.176
geolocation.onetrust.com	802	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	88 kB	104.18.27.85
d3v0px0pttie1i.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	842 B	108 kB	143.204.42.220
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	161 kB	216.58.207.195
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	59 kB	34.120.237.76
calendly.com	6123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	13 kB	172.66.43.26
data.pendo.io	1459	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	1.4 kB	34.107.204.85
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.4 kB	93.184.220.29
glennmarkdizon.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	798 B	1.7 kB	198.187.29.109
cdn.heapanalytics.com	3660	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	120 kB	54.230.111.52
cdn.pendo.io	1165	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	1.0 kB	54.230.111.15
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	476 B	555 B	20.234.93.27
m.stripe.com	1092	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	682 B	52.39.215.30
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdn.segment.io	18102	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	72 kB	54.230.111.79
www.recaptcha.net	2060	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	1.2 kB	142.250.74.131
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	56 kB	13.107.227.53
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.165
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
www.glennmarkdizon.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	34 kB	4.4 MB	198.187.29.109
cdn.cookielaw.org	502	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	40 kB	104.16.148.64
js.stripe.com	1149	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	104 kB	143.204.55.68
js.appboycdn.com	5270	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	549 B	104.17.218.31

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	glennmarkdizon.com/	Malware
2022-11-24	medium	glennmarkdizon.com/	Malware
2022-11-24	medium	www.glennmarkdizon.com/	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-11.css?ver=1668580950	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-19.css?ver=1668580952	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/cache/wpfc-minified/86mths0t/41kvu.js	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/uploads/2022/08/bg.webp	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/uploads/2022/08/Industry-Bold.woff	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Malware
2022-11-24	medium	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed
2022-11-24	medium	glennmarkdizon.com	Sinkholed

JavaScript (61)

	URL	Size	First Seen	Last Seen
	www.glennmarkdizon.com/	1.2 kB	2023-03-11	2023-03-11
Pretty URL www.glennmarkdizon.com/ IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:12 Last Seen2023-03-11 19:18:12 Times Seen1 Hash 1d1213d75c416a6625d26682928d59ce 8b3284d5610c65039aae900a1e618d8c692a93c5 d4c38d4cca9a04fd29f09573b18cc41ce27ecf89c6a29cf18ab3149d1062152b Loading...

	www.clarity.ms/tag/d8idw26pe6?ref=bwt	1.3 kB	2023-03-11	2023-03-11
Pretty URL www.clarity.ms/tag/d8idw26pe6?ref=bwt IP 13.107.227.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:12 Last Seen2023-03-11 19:18:12 Times Seen1 Hash 513b5c31dcdd6995377b711f4e0507a4 7ed626497ecb79580a5fee0bff7d731920d41d1c c0593295de92a029dbe3959bcbfef48f557f7ae304e90614690fb9e097c14d0e Loading...

	www.glennmarkdizon.com/	68 B	2023-03-07	2024-04-24
Pretty URL www.glennmarkdizon.com/ IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 22:39:34 Times Seen22461 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n	977 B	2023-03-08	2023-03-11
Pretty URL www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:23 Last Seen2023-03-11 23:50:30 Times Seen1 Hash f3c46bd094bf8db3836690f9f1ae7c01 2478d32adff38c744f2b6c09ef443bfb73537304 dbb5f392901e402507f676d286988d3c5670e41e20c3abf8fdb07b3c42daf408 Loading...

	data.pendo.io/data/guide.js/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?id=4&jzb=eJxNj09rwzAMxb-LDz11TZtbA2EMNmgv-8fuQbPV1VSWgi03ZCPfvS6lYbf3xO_BT3_m7JNXiXtnGtO9v7w-v3Vf3bj98Nv1Z6LTziwNWCuZ9YpwJlqaHKnQR9U-NVVlgZAdjSsrofopmQPEU2WFUyZ9xPCNrnMSwHM7DMNqRpz_Fb6uFjdGxx7bPZNnXARhPbb1uq4fNpviEFDBgYJpZuUSp1nuVnqIyPr0_1RGePc-Y0xe-F4T0mEnSbE8dgBKOE0XZrxhFw&v=2.161.1_prod&ct=1669319948838	1.1 kB	2023-03-11	2023-03-11
Pretty URL data.pendo.io/data/guide.js/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?id=4&jzb=eJxNj09rwzAMxb-LDz11TZtbA2EMNmgv-8fuQbPV1VSWgi03ZCPfvS6lYbf3xO_BT3_m7JNXiXtnGtO9v7w-v3Vf3bj98Nv1Z6LTziwNWCuZ9YpwJlqaHKnQR9U-NVVlgZAdjSsrofopmQPEU2WFUyZ9xPCNrnMSwHM7DMNqRpz_Fb6uFjdGxx7bPZNnXARhPbb1uq4fNpviEFDBgYJpZuUSp1nuVnqIyPr0_1RGePc-Y0xe-F4T0mEnSbE8dgBKOE0XZrxhFw&v=2.161.1_prod&ct=1669319948838 IP 34.107.204.85 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:12 Last Seen2023-03-11 19:18:12 Times Seen1 Hash aa183d2b6bc0cf23e2beab329d9472f1 645969c4a5c5eb33f5ce3db6eac550d0038ef0c5 ca230a8e0550573c8d0e79b20d7d73e904d0a4e214d0ca8cc33c4b620f4b44ec Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	25 kB	2023-03-07	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 19:06:29 Times Seen16599 Hash 046405de007ff73e52d17dab2af75258 887cfb8a9de27005875f6e1c1d1ead43bd0865c8 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1	22 kB	2023-03-08	2024-04-18
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:02:56 Last Seen2024-04-18 12:55:21 Times Seen355 Hash a9c365ad6facee60ebfebf49a287fa22 8422edc3a9eae1a170d089ee915a6abee95c5d78 4a7fdd491f449c314d884b9b9b6d11cfe037179d84e567a62e1e19584881e3e9 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1	3.7 kB	2023-03-08	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:56 Last Seen2024-04-24 22:39:30 Times Seen8004 Hash 3e31a0ddb1f910fc672d22e6435b95ed f478fd262840bfb394da94a2f5dd95eed4991194 34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68 Loading...

	assets.calendly.com/assets/booking/js/booking-runtime-591ea883.js	11 kB	2023-03-11	2023-03-11
Pretty URL assets.calendly.com/assets/booking/js/booking-runtime-591ea883.js IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:51:51 Last Seen2023-03-11 19:18:12 Times Seen1 Hash 04108185d0bb67b8a9d54ea4f0771100 d8c74b464d8ee885bb16fa4b03044aed47b2e300 464b802c7834885f4a3c074a19a03c8d4fe898c54212f2fddbfcfe8e8f55732e Loading...

	cdn.segment.io/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz	75 kB	2023-03-07	2023-10-23
Pretty URL cdn.segment.io/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-10-23 08:11:03 Times Seen30 Hash c28a851c299978ef8d29b58fd781abe6 704f59cc56c369c86dddbeee2f36d6d67b5875c6 e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa Loading...

	www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=uvfpm4p9ra61	35 kB	2023-03-11	2023-03-11
Pretty URL www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=uvfpm4p9ra61 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:12 Last Seen2023-03-11 19:18:12 Times Seen1 Hash 42577b30f4f77de066ded186666f80a2 5fb17b10ba480f85e238592c20b265f93cd9d479 59db0002d0eedad6a6d3cbe580973c5f35e157ffc8eed13209b59f5d3e977b22 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1	5.2 kB	2023-03-08	2024-04-18
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:02:56 Last Seen2024-04-18 12:55:21 Times Seen328 Hash f44edc9992aef81487f64b40e4e052d2 eeed718d00ea7f732c0cf73d57e4bf958e2fa1d9 cc65806adf6c251323693c9b7adb6b97e19879aa2f5428f2f05c0f08fca18404 Loading...

	assets.calendly.com/assets/booking/js/locales/en-5ce89ddb.chunk.js	26 kB	2023-03-08	2023-03-11
Pretty URL assets.calendly.com/assets/booking/js/locales/en-5ce89ddb.chunk.js IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:23 Last Seen2023-03-11 23:50:30 Times Seen1 Hash 5777d56f8757afb041bd71777ba2c269 be3bf2aca67ace76fe2897b8a572a17e98a271e3 61b7fb02c775218b7f159e68f63afe606be078d027441bf0658369f4866c6dc1 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js	2.8 kB	2023-03-08	2023-11-15
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:27:23 Last Seen2023-11-15 13:18:40 Times Seen39 Hash 0867bc0f38d2e795b486b23f63878c94 029e570354857302d438933780aea78cb6d82db4 327f9b2dcba094127adb8f8668fa6dce7bf30e14a9f9166cc7fa1f5f03aecbbf Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js	5.0 kB	2023-03-10	2024-04-19
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:41:26 Last Seen2024-04-19 14:54:08 Times Seen18 Hash 72b874baab48968bb26429c676107ca0 d20b25a5fbed8812fd4306096b23122ee0a30933 104ff52b0da087bad525dd0248fc30895dd36f2a9c50fe6371e2bea7bb383985 Loading...

	cdn.segment.io/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js	8.6 kB	2023-03-08	2023-03-12
Pretty URL cdn.segment.io/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:23 Last Seen2023-03-12 17:59:35 Times Seen1 Hash 3fe4d92339c7d21c57f0044fcdcf5274 37ea36bd0be6e5e8fe9c40bbcbfc660c2d2f67fc d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432 Loading...

	www.glennmarkdizon.com/	314 B	2023-03-11	2023-03-11
Pretty URL www.glennmarkdizon.com/ IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:13 Last Seen2023-03-11 19:18:13 Times Seen1 Hash 688e85f5639e4dff6275f1a9fba43777 4a1faf758411187e5fc2a998540f272ac2930df0 cae4b0d2148ffc4f46ac32b3eb2ef20d205a3d9db24cda247b62be63552d90f5 Loading...

	www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908	1.6 kB	2023-03-11	2024-01-28
Pretty URL www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:13 Last Seen2024-01-28 12:22:12 Times Seen3 Hash 7040427ded85611d93f1baafeef2daf9 57aff87c4bb03b0b10e05b3b0e8924af421ec7f8 3a50923d2fbc04f0bb77a34b7423f387f16b614d84bca233916b16889c3e0118 Loading...

	www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	4.9 kB	2023-03-07	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 18:24:18 Times Seen24388 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	www.glennmarkdizon.com/	2.3 kB	2023-03-11	2023-03-11
Pretty URL www.glennmarkdizon.com/ IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:13 Last Seen2023-03-11 19:18:13 Times Seen1 Hash 15b664d4ff55aac6cfbb5b06cccdaaa4 fdc424974fb70b097894f3175ae4e02c3501fec8 a700325d56395fdfd6a21a36a3fd7e73cf30c101e16a292cf83ddc5e133f060a Loading...

	calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline	120 kB	2023-03-11	2023-03-11
Pretty URL calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:13 Last Seen2023-03-11 19:18:13 Times Seen1 Hash f35e973ede1bd23406403e5e4f07baaf 7c806ff6db970081e52957e19de5cee250d09496 e7e24d0b43d5d4a6212576b47bb8c079b5ac09aed69ddabeffd56c053b00a6ac Loading...

	calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline	64 B	2023-03-08	2024-03-06
Pretty URL calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:23 Last Seen2024-03-06 16:35:11 Times Seen450 Hash 567353b92170ae88b81b17b6b8181a45 9800de614863d081da3ea8fe6857552d3456f68e 2f6abaf4a87c3101100fca626131ca5f0855844b00fc5cddc37406449474b537 Loading...

	assets.calendly.com/assets/external/widget.js	45 kB	2023-03-08	2023-03-11
Pretty URL assets.calendly.com/assets/external/widget.js IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:30:11 Last Seen2023-03-11 23:34:37 Times Seen1 Hash d55a502aec51c2d81fe7d6b5b166ddcf 8cd8233f21a9a781a2cb56149a6544625d88046f 32b1329aa865baea00d42aa3abb2a8a7d618fbd91eceb92294a378314af30ecf Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	cdn.segment.io/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js	1.6 kB	2023-03-07	2024-01-01
Pretty URL cdn.segment.io/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2024-01-01 04:29:45 Times Seen23 Hash 3e448afdfea355c0f19700d04431ce7d 596b746237018bdddd0ede5f65d9d854e2340a2c e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42 Loading...

	cdn.segment.io/next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz	2.8 kB	2023-03-08	2023-03-11
Pretty URL cdn.segment.io/next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:55:16 Last Seen2023-03-11 23:50:30 Times Seen1 Hash 7ea3601e864e5f81fe132e8a4ed3c855 e5d43609375807596b7af0c28ea21416c9d1074b 246c052272d13af654d11aa0f4c22695cabe1ab60d831d9c0502aa6d70848b51 Loading...

	cdn.segment.io/next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz	3.8 kB	2023-03-08	2023-03-25
Pretty URL cdn.segment.io/next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:23:08 Last Seen2023-03-25 23:40:17 Times Seen3 Hash 7f734a96726ef1daa57049a1f9b04e80 0df8243a5f5ef64ac854518eae417ebc8bb88e5d 26fa172d7e46f42e6186c4f42dc0e0fa9227987c68589d641f3dbf38036554f4 Loading...

	www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2	8.2 kB	2023-03-08	2024-03-26
Pretty URL www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:47 Last Seen2024-03-26 13:56:01 Times Seen56 Hash 8e05b5f30f52c6945e022b0530220a92 d0365de44bb0f057629811caa098e43e3e491e93 00d4a77dd4b514aa28dce3f45816647d96dcbd4d4b16fbbcd6d3e2012a996dd0 Loading...

	www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0	3.2 kB	2023-03-07	2024-04-18
Pretty URL www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:35 Last Seen2024-04-18 12:45:31 Times Seen2021 Hash e846984437ce810e4757bb0d935e67f0 0cd5ea1fde5aceba86a2ed59e77e35eff4acd2df 7f161501494bc2f199eaf414c3104318a00e2072f272ebce45540eef58cfb08b Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 22:39:36 Times Seen52710 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js	7.9 kB	2023-03-08	2024-03-04
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:14:52 Last Seen2024-03-04 04:56:50 Times Seen12 Hash 889992756d5f4f85c6106e39796b5efb fe8010eff7e967c365a6a615c267b55b476f6198 7f0dfb3d046cfad6be324a4852e1f9df716d81858caeace17dd12630a814b61c Loading...

	cdn.segment.io/analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js	1.2 kB	2023-03-08	2023-05-09
Pretty URL cdn.segment.io/analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:23:08 Last Seen2023-05-09 17:51:22 Times Seen21 Hash c1cb8e289adb2c1ec05b08a6ef25cfaf d931c410ea46b56e648d478c3b3702a048b68e80 df28dfc35b36ef6200bd6bc617813691d0072fc30528fb1eade1abc13f984f93 Loading...

	www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-24 19:00:09 Times Seen30965 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 18:24:18 Times Seen15494 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	cdn.segment.io/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz	75 kB	2023-03-08	2024-04-24
Pretty URL cdn.segment.io/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:31 Last Seen2024-04-24 16:14:32 Times Seen6356 Hash 801600ab7c3d52577df419402f83c046 36d7570708ef36b90ba588fc76706384b8bf2a15 b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13 Loading...

	cdn.pendo.io/agent/static/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9/pendo.js	399 kB	2023-03-11	2023-03-11
Pretty URL cdn.pendo.io/agent/static/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9/pendo.js IP 54.230.111.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:46:16 Last Seen2023-03-11 19:18:13 Times Seen1 Hash 7a3a75a1e4b7f77fcf109ea3c4fc2663 a2a4a4698a604d135221f417268380ad0378d033 c8c7a342f4b12ae6c73fff4552184a3d5e53aa6c5b6627b1635ee62a7c7413be Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	22 kB	2023-03-07	2024-03-05
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.148.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:52 Last Seen2024-03-05 19:00:25 Times Seen96 Hash a750a84d2cd5eb69aa0b8b1b94db6da8 56fd3e55c49aa5f3e48e525ae794da9b070cfa6c bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	139 kB	2023-03-07	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 18:24:18 Times Seen23153 Hash 15bb2b8491fc7e84137d65f610e1685a cd76b70a5426893e9c022b9a75c50a7c1348e2d0 b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Loading...

	cdn.segment.io/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz	1.8 kB	2023-03-08	2024-04-24
Pretty URL cdn.segment.io/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:23:08 Last Seen2024-04-24 10:19:35 Times Seen335 Hash 3fa7abe12ac60941c90bdb6feed82551 d91a1dd00d96e1ae779fa8c08c18236b5744e282 66681843d2dddef898a0e614bc668cab30aceecd7a0d89965b7b0447bfcf14c4 Loading...

	js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js	631 B	2023-03-08	2024-04-03
Pretty URL js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:46 Last Seen2024-04-03 16:20:49 Times Seen6173 Hash f8f6a4584135f737b26927596ce6e0a7 609ea9e9c46563fb1dc78a7967c926394e73ffab 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Loading...

	www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=uvfpm4p9ra61	78 B	2023-03-07	2024-04-24
Pretty URL www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=uvfpm4p9ra61 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-24 21:46:36 Times Seen2125 Hash 448da244080e4e0ea89e10703010ba71 8c1f7e69138083db28206be2ac8e434a49f381a4 ca21a8ec20b3329036ccc2e1c9166f6a9f3a710473cf7beed37019787e24948f Loading...

	www.glennmarkdizon.com/	7.8 kB	2023-03-11	2023-03-11
Pretty URL www.glennmarkdizon.com/ IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:18:13 Last Seen2023-03-11 19:18:13 Times Seen1 Hash 79f9173155ec119e42c1c841ffe8e1b8 c8c32db9479f6ff6c8558423b7b1fa397f2ed80f 1c8083c30470656c567b70448de375e0a277cc833ce86e1ed9cf6a296c38f507 Loading...

	cdn.segment.io/next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz	18 kB	2023-03-07	2023-03-14
Pretty URL cdn.segment.io/next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:24 Last Seen2023-03-14 07:49:04 Times Seen1 Hash fa5d0d9b378c0d2532b9ea09291c8bad 7dac59629e67995e47a0b1f789dfba2464ba6602 96783423ce1406c21248079d2e697fe9b7d719bb700d2b21007cb629d2b6216e Loading...

	m.stripe.network/inner.html#url=https%3A%2F%2Fcalendly.com%2Fglennmark%2Fconsult%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&title=Select%20a%20Date%20%26%20Time%20-%20Calendly&referrer=https%3A%2F%2Fwww.glennmarkdizon.com%2F&muid=NA&sid=NA&version=6&preview=false	809 B	2023-03-07	2023-04-05
Pretty URL m.stripe.network/inner.html#url=https%3A%2F%2Fcalendly.com%2Fglennmark%2Fconsult%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&title=Select%20a%20Date%20%26%20Time%20-%20Calendly&referrer=https%3A%2F%2Fwww.glennmarkdizon.com%2F&muid=NA&sid=NA&version=6&preview=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-04-05 02:11:07 Times Seen392 Hash c27cf622675c4437d72f0a597fc0b071 7b93ce05044f359f9ba5a335fe47c6aa462d7251 7bf26abb893d1a4d590963ba4ad02c7e11778bbaa02307ee8ad683d60f43caf1 Loading...

	cdn.segment.io/analytics.js/v1/rfvnxd6wnn/analytics.min.js	103 kB	2023-03-08	2023-03-11
Pretty URL cdn.segment.io/analytics.js/v1/rfvnxd6wnn/analytics.min.js IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:23 Last Seen2023-03-11 23:50:30 Times Seen1 Hash bcf6e40a47c7245c7cc594ffdfdc8766 6422f988c5e34d701282e875ec78830e07b6b32e cc412359bc2f5c087889ad2f23464b6755af396e1a656d919301a3f6214abfac Loading...

	js.appboycdn.com/web-sdk/3.1/appboy.min.js	188 kB	2023-03-07	2024-04-15
Pretty URL js.appboycdn.com/web-sdk/3.1/appboy.min.js IP 104.17.218.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-15 12:04:44 Times Seen29 Hash 1c3631b60e0fed888d7a4fcedb3e0448 fd9cd3b7e767ce846cff470d0a78024c08776cd8 dad2e6bb3ac10b4da6dd0f1985d87364af3aa1a0dba6e88b749e38f4207f6ec7 Loading...

	www.glennmarkdizon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-24 08:08:08 Times Seen9803 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1	40 kB	2023-03-08	2024-04-15
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen724 Hash 2331d602370faa61829c8aa628996c7d e097dda010d924637e9c9f906be7653ae2d29343 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d Loading...

	js.stripe.com/v3	408 kB	2023-03-11	2023-03-11
Pretty URL js.stripe.com/v3 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:32:20 Last Seen2023-03-11 23:47:44 Times Seen1 Hash 0811280c436e51c657484d591864732e 0da49611241e99bcaf4c8cb271b71bfc805ce024 0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 22:49:19 Times Seen37049625 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	5.0 kB	2023-03-08	2024-04-15
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen647 Hash 562ad59077018eb139d1f46afd69a050 d33c188f7d0f306b8a0ede1e3b67a0edb7be8966 f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1	25 kB	2023-03-08	2024-04-18
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1 IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:07 Last Seen2024-04-18 12:55:21 Times Seen229 Hash 055f01cb6912284f7e3c7d3ab88ec499 4b4712ecd4eeb4b51c3bf6bccc613d798d014f99 27c3bae726c78894582c23e5b507dda2dacd2c5c8aa9afe17ae179519e4ba3e0 Loading...

	www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2023-03-08	2024-04-15
Pretty URL www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen332 Hash bd7fa9b462b379ac441355772351f14e 5cc11b3af3e31e790cfa0ecf28598f9509cf9e68 4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745 Loading...

	www.clarity.ms/eus2/s/0.6.43/clarity.js	55 kB	2023-03-08	2023-10-23
Pretty URL www.clarity.ms/eus2/s/0.6.43/clarity.js IP 13.107.227.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-10-23 15:37:18 Times Seen9 Hash 441723b72633b1ac9757ad7c63168005 806166ca9ebb5839dd90a5e5c9335e3e0b18c169 cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11 Loading...

	www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	10 kB	2023-03-08	2024-04-24
Pretty URL www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae IP 198.187.29.109 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-24 16:05:58 Times Seen25613 Hash 8cd696505481e74ffee89b4995f37379 ee9aad199ef2bc60a3460f4c52f37d22907b2ec9 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874 Loading...

	cdn.segment.io/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz	7.0 kB	2023-03-08	2024-04-16
Pretty URL cdn.segment.io/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz IP 54.230.111.79 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:25:13 Last Seen2024-04-16 20:04:45 Times Seen469 Hash 80c0c189df673c031b78b09c5f598745 b87bedc92d63e378e58f6230a4284958959d3293 cae962a70d36874622214e00e5f0da33974facafc55fb443757d8615359c413a Loading...

		Size	First Seen	Last Seen
	#1 Eval - f7656e08f419dab0921bcffc274655f4	22 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash f7656e08f419dab0921bcffc274655f4 5acf6b5d541b60f71be9ac794938821eb3bfbdcd c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93 Loading...

	#2 Eval - e838c48a2ad3ca7b3611c5c2c8b63fe4	22 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash e838c48a2ad3ca7b3611c5c2c8b63fe4 3e54acc073cfa8db68daf806991e34eeef26d115 d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77 Loading...

	#3 Eval - 806f2d97105b300b4b5c594b860841ff	16 kB	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash 806f2d97105b300b4b5c594b860841ff d89d7c7eea801d1e1ff172b2cbe554e4e3606ee2 ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be Loading...

	#4 Eval - 49c1c847adb5c2108736fba55cc9e8ea	21 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 19:18:13 Last Seen2023-03-11 19:18:13 Times Seen1 Hash 49c1c847adb5c2108736fba55cc9e8ea 99c61b7fb6afdd094535ef6cd14a3e2653ce741d fa3ca93da3b5ef56bed8e3ac8f3273a58d3b1120bd267406f72b826788dc63db Loading...

	#5 Eval - ae29ed92f6bcf000b77945d046e689b4	64 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash ae29ed92f6bcf000b77945d046e689b4 a4d4bd1aa2d7a4fae1ef26244a5cb8f40d62ea91 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e Loading...

HTTP Transactions (172)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3846
Expires: Thu, 24 Nov 2022 21:03:09 GMT
Date: Thu, 24 Nov 2022 19:59:03 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5860
Cache-Control: max-age=144588
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:03 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:08:51 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Thu, 24 Nov 2022 21:35:56 GMT
Date: Thu, 24 Nov 2022 19:59:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 19:18:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2404
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: N1zfAkIMDQ6AN0prB9uJvtkO2J3gsyQmgwsEC1V6HeGRSl2xVK3j8Kvsmkqjgh/X9TfM6ktQsn4=
x-amz-request-id: 9FMGQP5R1SDCSMS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 19:40:31 GMT
age: 1112
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

glennmarkdizon.com/

198.187.29.109

301 Moved Permanently

707 B

URL HTTP/1.1
glennmarkdizon.com/
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 24 Nov 2022 19:59:03 GMT
server: LiteSpeed
location: https://glennmarkdizon.com/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:59:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 19:08:53 GMT
cache-control: public,max-age=3600
age: 3010
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5257
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:03 GMT
Last-Modified: Thu, 24 Nov 2022 18:31:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7f6a69ede955722d257b5c053b411395
ea5e2514c52e148ded3b5eceecbf04643e8ad14c
e339ad3859de4c93e90d6523a423f4f62634cf13057135457dd23fe7e7d40302

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:59:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 18:49:10 GMT
Expires: Mon, 28 Nov 2022 18:49:09 GMT
Etag: "ea5e2514c52e148ded3b5eceecbf04643e8ad14c"
Cache-Control: max-age=340805,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4b90f7acdb4ff-OSL

push.services.mozilla.com/

54.148.213.75

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.213.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 15ruoCu8cPwmAnLgvh53AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 74TwQBWGCPOFj8dtmDWbhubA7ug=

glennmarkdizon.com/

198.187.29.109

301 Moved Permanently

0 B

URL HTTP/2
glennmarkdizon.com/
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-pingback: https://www.glennmarkdizon.com/xmlrpc.php
x-redirect-by: WordPress
location: https://www.glennmarkdizon.com/
content-length: 0
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/

198.187.29.109

200 OK

23 kB

URL HTTP/2
www.glennmarkdizon.com/
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Size
23 kB (23300 bytes)
Hash
f5ea130c187c885b87f09d13b6afa9c2
58ac225ebda0f0f7b5e1f2c57a14b8f5c0e19a7c
b68502649329703c615cad6731faa350cd52f785081710d87a82f6488a2bf64e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23300
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f7830d8e96be37800f9b435c4536fc98
000d2a5d8a23b63cb3c0c8855187d77b853a7b95
43a73253d3b77edeb3501f68b02de848cc602672cb647049a6ccdf4b39da5d00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=170054
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:04 GMT
Etag: "637fb2ab-117"
Expires: Sat, 26 Nov 2022 19:13:18 GMT
Last-Modified: Thu, 24 Nov 2022 18:06:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/79tjo3f4/ab39e.css

198.187.29.109

200 OK

11 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/79tjo3f4/ab39e.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65517)
Size
11 kB (10957 bytes)
Hash
5b3b0083c3dfe8d164683c33929dda7b
dbab68ae166e3f8769066b6cad03ce72d98d11c8
2985202349399d40c5bd4fc32f52cdb82775c176224b08b2384f5ba7e7c8b455

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/79tjo3f4/ab39e.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10957
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/qtjdgbki/fr1mn.css

198.187.29.109

200 OK

16 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/qtjdgbki/fr1mn.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
16 kB (16418 bytes)
Hash
604b4b0177e09915b54398381cd1ff79
d72ff5c1624b996bf25c7d8514555784a6eb2552
440d5002a7e4c5add5df83138421acbe29c0e2859258ca8981e712c6ec4db0b4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/qtjdgbki/fr1mn.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 18 Aug 2022 21:10:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16418
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-11.css?ver=1668580950

198.187.29.109

200 OK

364 B

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-11.css?ver=1668580950
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1244), with no line terminators
Size
364 B (364 bytes)
Hash
92033d2ab63fcea3f4a50b7ffc8bb6a9
7b5246a7af243f5ddf8e943f35ca465ec1e448f4
4188b340d2337c4732ef47464e6018e79e941750b4683dea85a235c448e8dba7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-11.css?ver=1668580950 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:42:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 364
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css

198.187.29.109

200 OK

4.5 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20596)
Size
4.5 kB (4536 bytes)
Hash
558f42780be85751a7b77e207c7f2b03
071a66e0279541ce7d3777a55643c34e122ea06c
c540828c392a38be24d1d28a202ff4e9a478b45549948d8418d0e81bd20f15d7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4536
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/f12l1vzu/41kvu.css

198.187.29.109

200 OK

7.2 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/f12l1vzu/41kvu.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (39280)
Size
7.2 kB (7216 bytes)
Hash
69c00878d510b6035128d975734014fc
46e69cd6683e4901c97a48d39f2c4c4ece0628ac
3231297f5675fd1f3454182331e0d24a9fbc1781daab7c6ca9bc765830f08e75

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/f12l1vzu/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7216
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css

198.187.29.109

200 OK

12 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (59598), with no line terminators
Size
12 kB (12280 bytes)
Hash
b268ed80c5f11ea6bf7987ab6b99eaa9
15add3ec9d5336462b9522a7584c66f58180ba28
96e7c84e13979da6573098cc76072f20884cacb1ce2e2786d8163104397dedf4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12280
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952

198.187.29.109

200 OK

1.7 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5828)
Size
1.7 kB (1714 bytes)
Hash
41c0c7cff12d3f3f2ce44213a25594b0
3517ebb78f0309e1258ef42f7a5f50815df2b072
b1ef76b17de9df92043e1a7ec71155c2e0b65faf2c66f648621ea53f115d5127

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-31.css?ver=1668580952 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:42:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1714
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133

198.187.29.109

200 OK

5.5 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (44672)
Size
5.5 kB (5499 bytes)
Hash
8f04bad0f4c8e873351f42d1eff427cf
615033e0e6dfb6ece597a039074774978df636bf
e454e4922b625dc23068b90efcf57160108a5eae9935991df95a221984ea2f40

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-2.css?ver=1668582133 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:02:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5499
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0

198.187.29.109

200 OK

287 B

URL HTTP/2
www.glennmarkdizon.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
287 B (287 bytes)
Hash
9cfc60525bfc5d073088e68254b87b1a
1d85ee6b11cf58bf9a822e1faf03b2dba630ad12
de286cadb2def7a628c401906d9abfa5669015f51de399cbd5bc3a7867862145

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Mon, 08 Aug 2022 14:03:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 287
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-19.css?ver=1668580952

198.187.29.109

200 OK

1.1 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-19.css?ver=1668580952
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2398), with CRLF, LF line terminators
Size
1.1 kB (1080 bytes)
Hash
c58a66ea1e0369666a12ccd49563e730
2bc6f3bb11d5645c6b58be8baae2e93ffcd6de6e
5900e442cb7163937c11c33d541bf37db64b45855c6f1193888a96a7e2c5c127

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-19.css?ver=1668580952 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:42:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1080
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5070 bytes)
Hash
0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 79305
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 79919
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 45898
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 45823
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13882 bytes)
Hash
64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 79758
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7462 bytes)
Hash
b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 78911
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/86mths0t/41kvu.js

198.187.29.109

200 OK

34 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/86mths0t/41kvu.js
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65355)
Size
34 kB (33590 bytes)
Hash
9cce7f9a0b0947d811ae7881e41df566
d1384a96d6373b2cc907dad1ee5a996cbb46f53f
a8f1b4d1e14d4d828e50a38cf685372e51622a196eb5be37c47a2dac4ffead90

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/86mths0t/41kvu.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 33590
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/130m63we/41kvu.css

198.187.29.109

200 OK

5.1 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/130m63we/41kvu.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (48579)
Size
5.1 kB (5073 bytes)
Hash
1455a28a05089d9a6751985dd94c2cfb
0437523688a53c0ada2da4c16bde6137794afaf1
a4df5226ecb5a2f19182bd787a2c534c00599f0bf691ac1950c9aa5d1b034ea1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/130m63we/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5073
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Shopify-pt2y1lg4yw6bpqq6vplb81dg49gf9ohpjilch8bofc.png

198.187.29.109

200 OK

4.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Shopify-pt2y1lg4yw6bpqq6vplb81dg49gf9ohpjilch8bofc.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4282 bytes)
Hash
bb0d0772bad9b88c081ba7fca06fb12d
1b7acc88cfd137af21fcb0ff9abbfb768703105c
2b30b52b80fc37cf53eb939f18dcd399b8103c4b20e6166965dc94860201a4b0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-Shopify-pt2y1lg4yw6bpqq6vplb81dg49gf9ohpjilch8bofc.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 4282
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Wordpress-pt2y1nbtck8wcyngkqekd0wdb175p2p67rwbfs8w2w.png

198.187.29.109

200 OK

3.9 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Wordpress-pt2y1nbtck8wcyngkqekd0wdb175p2p67rwbfs8w2w.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3901 bytes)
Hash
062bb3f100224787c8cac10a5d2c6be9
c3a5853928262f97cccd1b2fb26b4dc2ec186671
bfcb4f63fd7bc27818b902f77c88b46927df345b4eabda9917d2726e8dcbe517

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-Wordpress-pt2y1nbtck8wcyngkqekd0wdb175p2p67rwbfs8w2w.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3901
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/elementor-pt2y17ck4dn0vlao61hwomxj7hdx27xqhkt2a2wl0o.png

198.187.29.109

200 OK

4.0 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/elementor-pt2y17ck4dn0vlao61hwomxj7hdx27xqhkt2a2wl0o.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3986 bytes)
Hash
e0d48d94a0a35ba69a314be3fec11d0d
500a7bc35022a71787837ae5ebea5871c327111f
2fa14fbb7bd5461d3af10e4a60658663059a47f33e776bd59322550ffa23380c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/elementor-pt2y17ck4dn0vlao61hwomxj7hdx27xqhkt2a2wl0o.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3986
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HTML5-pt2y1b3wvps66157k34eylzdl0vdx0cnu3f076r0bs.png

198.187.29.109

200 OK

2.8 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HTML5-pt2y1b3wvps66157k34eylzdl0vdx0cnu3f076r0bs.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2783 bytes)
Hash
fb7d6a3ac5382e210a60a577eec114b0
ef2f93c62c461e173df98bc219088fe71d6e5844
25058f0da8b2c7977897f1ec0f87849968d74049568eaebe343b2741e0697f5f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-HTML5-pt2y1b3wvps66157k34eylzdl0vdx0cnu3f076r0bs.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 2783
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-CSS3-pt2y1988i1plit7xv2b5tmgge94nhm575u418mtso8.png

198.187.29.109

200 OK

2.9 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-CSS3-pt2y1988i1plit7xv2b5tmgge94nhm575u418mtso8.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2897 bytes)
Hash
25bafe78742a2d6acd0ed82a7446fa7d
d45bd52541342b02f243bba3ed622bdcdc422603
19057893cd0d90ad5cd83bf7a4926804b76e315e0ab21e0df4792487c0d0513c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-CSS3-pt2y1988i1plit7xv2b5tmgge94nhm575u418mtso8.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 2897
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/namecheap-pt2y1s10aqfbz0gmtafp7hpo9yjzrk7twf5qu61x7s.png

198.187.29.109

200 OK

3.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/namecheap-pt2y1s10aqfbz0gmtafp7hpo9yjzrk7twf5qu61x7s.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3333 bytes)
Hash
1564a44d7e81ddf5227dd4766aa508cb
e7046f47130b781bd3cac4bf2c8cbe298fb8c46f
dbbdd9028c8e464ff576e979c347635b5ff867e138c89cbfb35e01a889dc5c20

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/namecheap-pt2y1s10aqfbz0gmtafp7hpo9yjzrk7twf5qu61x7s.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3333
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Photoshop-pt2y1jkgl83r2isx6os231uixhpouaa8v9adioegrs.png

198.187.29.109

200 OK

3.8 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Photoshop-pt2y1jkgl83r2isx6os231uixhpouaa8v9adioegrs.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3768 bytes)
Hash
ae4de1fa77573dd7a2ac69896c473065
9f4a6d1b9f8658f901808ecf998eb9b11577f502
205ecd1e43eca1def39d6a6c2075646e19c7d06a1e4976805ec3bb5497b906d8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-Photoshop-pt2y1jkgl83r2isx6os231uixhpouaa8v9adioegrs.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3768
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HostGator-pt2y1a62ovqvuf6kpkpse47wzn00pb8xhyripwsei0.png

198.187.29.109

200 OK

4.9 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HostGator-pt2y1a62ovqvuf6kpkpse47wzn00pb8xhyripwsei0.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4910 bytes)
Hash
9071bcb5a072e810ac270a86196f17fc
66c4075cae05c95075e3bf19f93082fa5646208c
6df6139a2c6985b6bb6973f99056bccf830c81d084c183b9004e277c7b9e7124

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-HostGator-pt2y1a62ovqvuf6kpkpse47wzn00pb8xhyripwsei0.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 4910
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/shopee-pt2y13l7d1hvl5g4rzveenvotxwg7fit5274cz25pk.png

198.187.29.109

200 OK

3.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/shopee-pt2y13l7d1hvl5g4rzveenvotxwg7fit5274cz25pk.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3336 bytes)
Hash
765fdc719233f33a0cf8a98f3d99011c
c61f8531ad94e63e51a8e114e31b236a31bb26ba
933e91f9c6e053735b422e6d9b3c29480ddc4f4cf71ad4d27600854ed16297a6

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/shopee-pt2y13l7d1hvl5g4rzveenvotxwg7fit5274cz25pk.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3336
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-WPengine-pt2y1p7hq8bh06kq9r7ti0fahsxw4gwmw17aec63qg.png

198.187.29.109

200 OK

3.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-WPengine-pt2y1p7hq8bh06kq9r7ti0fahsxw4gwmw17aec63qg.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3271 bytes)
Hash
fcef63af0518b0d13041502544a3d231
577da15dc9e891c9349f2fe06178dad290808472
748cd20d28be695bafeaae7d1eb85c1cd407e6d88c58faaddadcf3c0d583628a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-WPengine-pt2y1p7hq8bh06kq9r7ti0fahsxw4gwmw17aec63qg.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3271
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/Untitled-2-pt2y15gvqpkg8ddeh0onjnem0pn6mtq9tbi3bizdd4.png

198.187.29.109

200 OK

3.4 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/Untitled-2-pt2y15gvqpkg8ddeh0onjnem0pn6mtq9tbi3bizdd4.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3375 bytes)
Hash
1925d84fe3988cec8251658434b22a6b
066b07e1353baab964a68744b2c89633dd7485c1
b9cbf8fbeb39bf8709c71425a83803cd0b2fa18842fce009eaa9e5171d4424e2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/Untitled-2-pt2y15gvqpkg8ddeh0onjnem0pn6mtq9tbi3bizdd4.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3375
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Illustrator-pt2y1dxfg7w14v143mcao39rd6hhk3nuuhdgn0mtt4.png

198.187.29.109

200 OK

3.7 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Illustrator-pt2y1dxfg7w14v143mcao39rd6hhk3nuuhdgn0mtt4.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
3.7 kB (3688 bytes)
Hash
747b717b917ab49daae2e7d54e3c7d3e
8827fb28d9254a363724c965086ca8ec14ae641a
497cb2861e9ef3a90f9fa8b2b85ee201f4ee6f9b37fa9b9cdae0fab18de5832f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/thumbs/logo-Illustrator-pt2y1dxfg7w14v143mcao39rd6hhk3nuuhdgn0mtt4.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3688
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/lx9btp4a/41kvu.css

198.187.29.109

200 OK

3.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/lx9btp4a/41kvu.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (36838), with no line terminators
Size
3.3 kB (3345 bytes)
Hash
3053705e86436f1507e5f5e3d9c78611
2cfe3797cb07db8ad1584986004a59755ceef7e5
e9d21ad4e49760e27bf26891ccd4ff0acd7acb7895d7ff234d25604d99ea4e32

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/lx9btp4a/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3345
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0

198.187.29.109

200 OK

953 B

URL HTTP/2
www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3164), with no line terminators
Size
953 B (953 bytes)
Hash
4a7d773f90facef221a9cfa11bdb2973
5ecb3100b641b2af7f7d56533a14b23fcaf15787
0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 13:57:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 953
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2

198.187.29.109

200 OK

2.7 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (8185), with no line terminators
Size
2.7 kB (2731 bytes)
Hash
ba446cbbeaa0ebc4d483c0af3c8011a9
b3db5d00f7eb45930023bee244092cd0cd38c1a8
54afa453a475042c53f887f928eccc98162050432fecb325caf3df562a484a44

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:12:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2731
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908

198.187.29.109

200 OK

626 B

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1594), with no line terminators
Size
626 B (626 bytes)
Hash
32774a9240f7180491544bc57c2c34ac
b3c625489a17de8eacdc131a0c58dd0925497edf
646361968934ca7f7459cf22d81bc56f40e446376c49a94bbf22f4691aee7ed1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 21:15:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 626
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

198.187.29.109

200 OK

6.9 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (25115)
Size
6.9 kB (6935 bytes)
Hash
e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

198.187.29.109

200 OK

1.7 kB

URL HTTP/2
www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5477)
Size
1.7 kB (1733 bytes)
Hash
fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1

198.187.29.109

200 OK

2.2 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5191)
Size
2.2 kB (2208 bytes)
Hash
e4998c3ccd0be231c124cc8b901c9fb3
48f7574440965c442de02067c8a830fd2ce88533
d7cb3803938f026316dd1ac3056c785c9a56148783a8d8180c1aa0bb0a5e7961

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2208
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1

198.187.29.109

200 OK

2.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4918)
Size
2.3 kB (2274 bytes)
Hash
42c158f69cb0e3a2a07a7e4aa108138d
a0887957851c1fb2a575429361e17a75d28f3f70
c97662942502af783f14fca6970a683f62d7d10f112e867c52f34d9b6a272d07

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2274
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1

198.187.29.109

200 OK

10 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (32907)
Size
10 kB (10425 bytes)
Hash
72fd7d7a61961996172a081cb3eed6cb
7f6d4dc14ef08153606c57d374fd50b685ba383d
757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 87897
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2

216.58.207.195

200 OK

34 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 34500, version 1.0\012- data
Size
34 kB (34500 bytes)
Hash
faff0ee016116a366390902ac4445672
f0392ff9fc0b9fd3169662810504bb0108857e4a
7537368c23adecd664ec589e81d5279bbc5ff02c09d52247daf460e2046c4cdc

HTTP Headers

GET /s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 03:40:18 GMT
expires: Wed, 22 Nov 2023 03:40:18 GMT
cache-control: public, max-age=31536000
age: 231527
last-modified: Mon, 18 Jul 2022 19:24:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 90167
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12908, version 1.0\012- data
Size
13 kB (12908 bytes)
Hash
16665b9f4631861e47e30e227eea4da4
bf293bdca2aea57481dd3055cbfc8ae63e132302
3ac7f47be06ed56cebf7d19f23386fa58144a3fec5dfb68a82edcecc20df444a

HTTP Headers

GET /s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 20:06:17 GMT
expires: Tue, 21 Nov 2023 20:06:17 GMT
cache-control: public, max-age=31536000
age: 258768
last-modified: Wed, 27 Apr 2022 16:11:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Size
13 kB (13196 bytes)
Hash
5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c

HTTP Headers

GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:39:55 GMT
expires: Sat, 18 Nov 2023 23:39:55 GMT
cache-control: public, max-age=31536000
age: 505150
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size
13 kB (13324 bytes)
Hash
b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6

HTTP Headers

GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:50:27 GMT
expires: Thu, 23 Nov 2023 21:50:27 GMT
cache-control: public, max-age=31536000
age: 79718
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdQhfsCRgqA.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdQhfsCRgqA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12920, version 1.0\012- data
Size
13 kB (12920 bytes)
Hash
4e9bb95d9d1d1977ad49de19cc440798
f329c5954156fda7ad91aca3f7176825e1deeaa7
7ca4f53e3c51595a3147ed5b6c325af58291810132602f0b2bc9305faeea770b

HTTP Headers

GET /s/teko/v15/LYjCdG7kmE0gdQhfsCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 23:59:27 GMT
expires: Thu, 23 Nov 2023 23:59:27 GMT
cache-control: public, max-age=31536000
age: 71978
last-modified: Wed, 27 Apr 2022 16:12:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

216.58.207.195

200 OK

34 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size
34 kB (33580 bytes)
Hash
848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

HTTP Headers

GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 598808
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

198.187.29.109

200 OK

2.4 kB

URL HTTP/2
www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/6jw9eva4/41kvu.css

198.187.29.109

200 OK

876 B

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/6jw9eva4/41kvu.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11736), with no line terminators
Size
876 B (876 bytes)
Hash
75770153fafe35685a4fd3af6fc83d2d
77bfd1b39a070d3dabfa7d0994e737638871f540
2b85df6dfce745a3560d171f592e0264c9d3d9ac67e28d45da8b3a17f7fdbb17

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/6jw9eva4/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 876
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/cache/wpfc-minified/fptr1xbo/41kvu.css

198.187.29.109

200 OK

2.4 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/fptr1xbo/41kvu.css
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10019)
Size
2.4 kB (2442 bytes)
Hash
d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/cache/wpfc-minified/fptr1xbo/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

198.187.29.109

200 OK

6.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.3 kB (6335 bytes)
Hash
fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:43:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

198.187.29.109

200 OK

1.6 kB

URL HTTP/2
www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4875)
Size
1.6 kB (1575 bytes)
Hash
06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

198.187.29.109

200 OK

3.7 kB

URL HTTP/2
www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
3.7 kB (3717 bytes)
Hash
f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:43:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1

198.187.29.109

200 OK

5.5 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (21520)
Size
5.5 kB (5541 bytes)
Hash
f0e84537d354c9d7fb417acba75f1653
951a99450e68b70dd4fe96d2e9d78bac403c300e
5583cd2973b67e37163e8bbc5c83e3d0f5b73e0457ec7b3d0d1748b6ea6e5d3a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5541
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

198.187.29.109

200 OK

2.9 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12198), with no line terminators
Size
2.9 kB (2867 bytes)
Hash
869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

198.187.29.109

200 OK

6.8 kB

URL HTTP/2
www.glennmarkdizon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.8 kB (6800 bytes)
Hash
3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:43:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1

198.187.29.109

200 OK

14 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (40474)
Size
14 kB (14013 bytes)
Hash
80ea5e6364819060d3ff0eb352c659b7
f0be9c1c7847452e72308179235c6174c996233b
adb011166bf2c942b960995ea4fc1c74a7981c5d025164ee8935db98ddb07b19

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14013
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1

198.187.29.109

200 OK

6.4 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (24753)
Size
6.4 kB (6449 bytes)
Hash
d96ee6f32f0e67ba70c27a29700c0115
587a4e1c432a35a9c53ba3380b8aa204a176fbd4
86e714e095b0a12d1cbcf4f7bfade2978db9e3010821400709ec154ba343aede

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6449
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1

198.187.29.109

200 OK

1.4 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3720)
Size
1.4 kB (1442 bytes)
Hash
28591e063f51afa032f2605cfb94e626
abdf45f59842867e3e07a79b902b59b53cdb02c7
a9801cf7c307371a05e3353dcf3da66ae32588136a92732a88d0745b8e08d100

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1442
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/glow.jpg

198.187.29.109

200 OK

153 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/glow.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x1765, components 3\012- data
Size
153 kB (153099 bytes)
Hash
c209af520cd47ed4f20470621981b2e4
0a02fc1ebdaefdde41c2c7ffadf5202a64252900
27c9a0749205167838c52ff9de0422fc39698683af1c72875f1ebf2c2772e871

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/glow.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:48 GMT
accept-ranges: bytes
content-length: 153099
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/go.jpg

198.187.29.109

200 OK

185 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/go.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x1897, components 3\012- data
Size
185 kB (185417 bytes)
Hash
b84f3f0c427735cba8b8a0fe78557a7b
2766dd223c34865ea7696b6d24c5a78f948182c9
017a5a0a0f0343549f728d37b827f94748feaeceddfcf97746b9fdfbd4f1af56

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/go.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 09:32:32 GMT
accept-ranges: bytes
content-length: 185417
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/bg.webp

198.187.29.109

200 OK

50 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/bg.webp
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
50 kB (50346 bytes)
Hash
9fcf1463c71292f02f3c204f637e05b1
e8399d14c60f329c97c0cc2700a9d545aac4bf51
eb385a1d07c938205381ddba2642b44b06c1089e5478ff9c8106d6e61281457a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/bg.webp HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/webp
last-modified: Wed, 10 Aug 2022 21:49:14 GMT
accept-ranges: bytes
content-length: 50346
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/dmp.jpg

198.187.29.109

200 OK

238 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/dmp.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x1853, components 3\012- data
Size
238 kB (238029 bytes)
Hash
5c3e5995264dcff7048d5172bc8d6fca
9be54a3966d9e986fbda64ff9dd4b41c983afcc7
40bc3f4431bf873d953b805d84d15db8187f6a96b2b0bcb12709346868beae71

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/dmp.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:37 GMT
accept-ranges: bytes
content-length: 238029
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/web-design.png

198.187.29.109

200 OK

17 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/web-design.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 256 x 256, 16-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17423 bytes)
Hash
3e3db35e684d78168abce6cb1524b3b3
9c0afc30bdf6f5e31ec1bee7727ba228795d8681
0d6efa5c1b5bb5c2047bb05d6978e1310e14edc330da92a3bcab0af93ffd47c4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/web-design.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Wed, 10 Aug 2022 18:10:51 GMT
accept-ranges: bytes
content-length: 17423
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/Industry-Bold.woff

198.187.29.109

200 OK

22 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/Industry-Bold.woff
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 21988, version 0.0\012- data
Size
22 kB (21988 bytes)
Hash
7625d0cbac06b1c7f639d3e5b19dbd2e
222614bc82fff15ecdc843927e0707d97eb7261e
3a9054fdd24aea91754ac01e4ca2bab64622c02900c4dec131be8789aedbf367

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/Industry-Bold.woff HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: max-age=A10368000, public
content-type: font/woff
last-modified: Wed, 10 Aug 2022 14:47:54 GMT
accept-ranges: bytes
content-length: 21988
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5519
Cache-Control: max-age=111138
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:07 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 02:51:25 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.glennmarkdizon.com/wp-content/uploads/2022/08/ui.png

198.187.29.109

200 OK

27 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/ui.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 256 x 256, 16-bit/color RGBA, non-interlaced\012- data
Size
27 kB (27319 bytes)
Hash
a1775be50c6146a33e111eb99e4c0748
a87376ac5da476b9107e35160651efaa4f97a646
6289975037106e189a89cafeff127d0cfdb34db504df3d16bba0c35a6bbcac0d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/ui.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Wed, 10 Aug 2022 18:10:50 GMT
accept-ranges: bytes
content-length: 27319
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/2.jpg

198.187.29.109

200 OK

213 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/2.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1894x972, components 3\012- data
Size
213 kB (213053 bytes)
Hash
217c9ab0419a92e5faca541e47d46596
c64ada491942b98c079a1a488e805f93b1ae503d
74fd72bcd233e7ccb122f9b4b8cff9b90cc7c9c44a3d1ac22e99fc8a0c0a26eb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/2.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:14:37 GMT
accept-ranges: bytes
content-length: 213053
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

assets.calendly.com/assets/booking/js/locales/en-5ce89ddb.chunk.js

172.66.43.26

200 OK

9.0 kB

URL HTTP/2
assets.calendly.com/assets/booking/js/locales/en-5ce89ddb.chunk.js
IP
172.66.43.26:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (25489), with no line terminators
Size
9.0 kB (9038 bytes)
Hash
35b3bf3e63c7324c2d2267fa3745b993
da0386c29eb21020fa5574ccdbf7c3e53ca0a271
9f61ed30601ef521806c5fa50e186a798631ab1ce258016ff49425903d155f85

HTTP Headers

GET /assets/booking/js/locales/en-5ce89ddb.chunk.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:07 GMT
content-type: application/javascript
cf-ray: 76f4b926ff2bb529-OSL
age: 284553
cache-control: public, max-age=31536000
etag: W/"5777d56f8757afb041bd71777ba2c269"
expires: Fri, 25 Nov 2022 19:59:07 GMT
last-modified: Mon, 21 Nov 2022 12:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js

198.187.29.109

200 OK

1.2 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3262)
Size
1.2 kB (1172 bytes)
Hash
1f95630d4f2fb8bf9de5439bbcbd90e7
b54331bd36ece8ecce75a79317cf580ec4db55c8
956f6c7592a93b3b069f9a1958cb992ff789a6e9c40aae30f68e0a858d9dd02a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1172
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js

198.187.29.109

200 OK

2.6 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7828)
Size
2.6 kB (2613 bytes)
Hash
84d2b938cc5d8f6afe1819a456eca7cf
19c881484ea45407eed28135f284448d1ae26388
c6eece1ddff8d9c24132eba8970829a3b029777806da856193b11639f9229bce

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2613
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

198.187.29.109

200 OK

599 B

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1320)
Size
599 B (599 bytes)
Hash
b59e163b50b8e62a7e08b4ce88241b48
4f45b1e9e0270133c35c43a1a33d5b2d292b8693
73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js

198.187.29.109

200 OK

1.1 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2738)
Size
1.1 kB (1106 bytes)
Hash
342e83f267626b6f21cf7991fec9cf80
c05d9303d2d4e452fbbea9b3f9f95971619e81ce
83ccf5a8047707030e4ee4d08611ec393a84a8ff9ebc24e1798e54716af23076

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1106
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/gmd-logo-with-white.png

198.187.29.109

200 OK

56 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/gmd-logo-with-white.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 494 x 348, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (55618 bytes)
Hash
a44ca03f27dda10a0eece2ccb8bfe4db
2da349e8768d68b51ecdfa95cc671a7468edbc7f
8c949245ee63715a22e03bade20eefabafb3ee3712b16994bcecb6ba54d767f5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/gmd-logo-with-white.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Wed, 10 Aug 2022 16:02:04 GMT
accept-ranges: bytes
content-length: 55618
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

198.187.29.109

200 OK

77 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 76764
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/kelly.jpg

198.187.29.109

200 OK

235 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/kelly.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x1868, components 3\012- data
Size
235 kB (235216 bytes)
Hash
cef725b86a14fea4b1e869390979a3c7
37088d3800f3141fd86ee1ff3b7ab091532dcb7e
da8115dd5f79ca2bac681b421296720cb16aac71f7e3ed41b92b3c6f6a1dbb0e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/kelly.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:13 GMT
accept-ranges: bytes
content-length: 235216
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0

198.187.29.109

200 OK

93 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Size
93 kB (93372 bytes)
Hash
aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/font-woff2
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-length: 93372
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

198.187.29.109

200 OK

78 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 78196
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/sty.jpg

198.187.29.109

200 OK

277 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/sty.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x2179, components 3\012- data
Size
277 kB (276920 bytes)
Hash
bd8118714e71b5e819e9db8402ad52d4
9d80dd44e264059d6e79d6f5635f2a66d2b8a6aa
3be8eb8965b5c3e6207819066e7efc15357a2fad5d1d700c0732dd7506db0681

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/sty.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 09:32:35 GMT
accept-ranges: bytes
content-length: 276920
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js

198.187.29.109

200 OK

1.6 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4970)
Size
1.6 kB (1593 bytes)
Hash
97e2cedd69ff056c2bf91d5a9d73021a
b1e0fde13d2eb1fa820481cdc33ce04d25798212
077370b64847099a0ed7ea5c82e7f4f55291d360451210877a2374fe26e16f25

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1593
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/dark-grey-black-slate-texture-with-high-resolution-background-natural-black-stone-wall-e1622754926233.jpg

198.187.29.109

200 OK

168 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/dark-grey-black-slate-texture-with-high-resolution-background-natural-black-stone-wall-e1622754926233.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 1300x866, components 3\012- data
Size
168 kB (167936 bytes)
Hash
d78b950a8091a65a540d3461b42dbebc
b8af228b22ebc617c4d3fface4758f408f0644d1
5d88015b2627fadb11ab53779cf0c45b79ae90ccc169dfa01927ce8b23b718de

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/dark-grey-black-slate-texture-with-high-resolution-background-natural-black-stone-wall-e1622754926233.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Wed, 10 Aug 2022 17:14:45 GMT
accept-ranges: bytes
content-length: 167936
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.16.148.64

200 OK

7.2 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21747)
Size
7.2 kB (7151 bytes)
Hash
7b4564ae957eef3a8302343f44c5cfb3
296c38b2ae23a31d80201b32a38c02e75de27c91
15155c8652fe9654c2d2813743ae09ff93a469d790d3424a6b090f876b3d9bb2

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:07 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
last-modified: Tue, 22 Nov 2022 16:39:23 GMT
etag: 0x8DACCA81CF94662
x-ms-request-id: 612b53d7-501e-0067-08d0-fe6b41000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65382
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b9295ba2b50f-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9d9f8ed6c8abffda48365f6bc32b84b
33ad802992d04ae77047e05a68120cb4e42a00e6
7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.segment.io/analytics.js/v1/rfvnxd6wnn/analytics.min.js

54.230.111.79

200 OK

27 kB

URL HTTP/1.1
cdn.segment.io/analytics.js/v1/rfvnxd6wnn/analytics.min.js
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
27 kB (27200 bytes)
Hash
ee95babc0355098f897fa1f255f8f792
8465690a970b1c8b2633ae047a981fcf81b39412
395c44a432d4d983f5731e2905f503a2020742a43e52b41b23c6e7afb6d6d85b

HTTP Headers

GET /analytics.js/v1/rfvnxd6wnn/analytics.min.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 23 Nov 2022 02:37:15 GMT
x-amz-version-id: mRFzy5lg.Mdn5xPxPbasxX8N.ivxAIuX
Server: AmazonS3
Content-Encoding: br
Date: Thu, 24 Nov 2022 19:59:07 GMT
Cache-Control: public, max-age=120
ETag: W/"bcf6e40a47c7245c7cc594ffdfdc8766"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: b_yWOaehf0gy552G933wy3Jb5jf9X_mOBeVbEmMeCTTjShHTrbXDTA==
Age: 21

www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n

142.250.74.131

200 OK

616 B

URL HTTP/2
www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (977), with no line terminators
Size
616 B (616 bytes)
Hash
b3263bd0dc85f12157aaa26f96a859c0
df6b8b8e21bd4710f71745807022ae385d2357b3
f0d7a906206e04ab3457a2196be1a25cb72af9b86c622deacda44aed925e5276

HTTP Headers

GET /recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 24 Nov 2022 19:59:07 GMT
date: Thu, 24 Nov 2022 19:59:07 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/816.jpg

198.187.29.109

200 OK

327 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/816.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x1999, components 3\012- data
Size
327 kB (326832 bytes)
Hash
bdaf57ace22465a60f4ac5b067a3f6ca
86da152b1666f57603b5f4abce7aa11c064becd1
23272d33b7ddbe3c034fdad9c19c764d3ab4982bdc4fc4fc0f1ae04253faaec8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/816.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:34 GMT
accept-ranges: bytes
content-length: 326832
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/miss.jpg

198.187.29.109

200 OK

398 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/miss.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x2402, components 3\012- data
Size
398 kB (397753 bytes)
Hash
6118a0498f8a6aeae35b09a7f0619b8c
79f02403e76a0e7b36d25732a8f521f8f6bc10a9
a89aaabde960baae6b75f7181175097172821aa0909e09583775b3b0bff3c60a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/miss.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:25 GMT
accept-ranges: bytes
content-length: 397753
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9d9f8ed6c8abffda48365f6bc32b84b
33ad802992d04ae77047e05a68120cb4e42a00e6
7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.stripe.com/v3

143.204.55.68

200 OK

100 kB

URL HTTP/2
js.stripe.com/v3
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
100 kB (100111 bytes)
Hash
f26b30a01526e9ff2d25b75998afc060
03a25b8b2516b7b0cd176443c02a707928c2f169
584f44062fc51e5e462ff4f0f63955a72cd97420d7f97d0612a8715e2fcde9e0

HTTP Headers

GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 04:35:52 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Thu, 24 Nov 2022 19:59:08 GMT
cache-control: max-age=60
etag: W/"0811280c436e51c657484d591864732e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X9ewMyJEgwPHCRxUyB_fAI_znXgHIju-pS2DwAQIV37U09NSJIRymA==
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
64bacbb678651eb2188087ef97a8d3ba
b60612b4347f06f6252787c9818d0abf23142a8c
52da706502df2f837bf52848fe06737bb2c3d2bfd5f099650a6c7491164c5b2d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:08 GMT
Last-Modified: Thu, 24 Nov 2022 18:14:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

geolocation.onetrust.com/cookieconsentpub/v1/geo/location

104.18.27.85

200 OK

87 kB

URL HTTP/2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
104.18.27.85:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65383)
Size
87 kB (87203 bytes)
Hash
1261714cb9b0baf8f8b2d836fa0e8f16
b6ed581ab182395b3e97fb3b3a3fe3500cc4073a
e54bf5a9997c2d8d029df7967f99df7d85cbbe069b76e590f8e42bde6bfa0fb4

HTTP Headers

GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f4b92b2a861c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json

104.16.148.64

200 OK

21 kB

URL HTTP/2
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size
21 kB (20906 bytes)
Hash
53c569621461f0386d693c493281e2a1
5c689aca672259108d4e6d3346973f229f308f38
99e7bf0855166fa1881fee477c05906fe832677584a62507e57d7a774f76fe4b

HTTP Headers

GET /consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/x-javascript
content-length: 20906
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: U8VpYhRh8DhtaTxJMoHioQ==
last-modified: Fri, 23 Sep 2022 14:23:26 GMT
etag: 0x8DA9D6F2E2A99CC
x-ms-request-id: 1008f8a9-201e-0128-685f-cfe90c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 76357
expires: Fri, 25 Nov 2022 19:59:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92bfb76b511-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json

104.16.148.64

200 OK

3.0 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (10856)
Size
3.0 kB (2959 bytes)
Hash
cc948eb637569cf77ed166fd88c3725f
1f4a0b0572bec956b6cf690649a2d02b84bb57e2
33dfefa3180070c5a5006930180d07fd4248aa69b6b82d81e246db42ce82bb26

HTTP Headers

GET /scripttemplates/6.35.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/json
content-length: 2959
content-encoding: gzip
content-md5: zJSOtjdWnPd+0Wb9iMNyXw==
last-modified: Mon, 06 Jun 2022 06:20:56 GMT
etag: 0x8DA4784B7908BBB
x-ms-request-id: 76124876-a01e-0176-5b81-791a0f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 76357
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92c4c4db511-OSL
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/hero-image.jpg

198.187.29.109

200 OK

13 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/hero-image.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
gzip compressed data, was "otPcPanel.json", last modified: Mon Apr 25 18:47:33 2022, from Unix\012- data
Size
13 kB (13040 bytes)
Hash
9246cb73c01d3b10b1067a8b4e7010a6
5565240d8384405f853a078aa9c436d33748caa0
5aca462cb4e9f0fd04a42f030a23531e9a8f937d0aaa697b25af883e92a94841

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/hero-image.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Wed, 10 Aug 2022 16:22:55 GMT
accept-ranges: bytes
content-length: 507784
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

198.187.29.109

200 OK

34 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65280)
Size
34 kB (34004 bytes)
Hash
83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 01 Jun 2020 20:47:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34004
date: Thu, 24 Nov 2022 19:59:07 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

104.16.148.64

200 OK

4.8 kB

URL HTTP/2
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (20550), with no line terminators
Size
4.8 kB (4773 bytes)
Hash
2707a5bc273fae34697e5fc4f0fbccd0
e286f1402ca0fcb300426479deb9f98c2aaccc5d
87869b9d7343e8c3f925baabb5f396aeb1ee940710c0eec6eace4a39a9d7a329

HTTP Headers

GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Tue, 22 Nov 2022 16:39:33 GMT
x-ms-request-id: 96b32c63-f01e-000c-6fd7-fe3617000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65385
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92cca22b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d3v0px0pttie1i.cloudfront.net/uploads/user/logo/734293/c6cf98c8.png

143.204.42.220

200 OK

36 kB

URL HTTP/1.1
d3v0px0pttie1i.cloudfront.net/uploads/user/logo/734293/c6cf98c8.png
IP
143.204.42.220:0
ASN
#16509 AMAZON-02

File type
PNG image data, 345 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (36044 bytes)
Hash
8b3009082b340ab48d5150568ca107e4
ec34b346c51c4a6bd88938cc591b84e0476c8a8b
6d4a2ecfccda2e52de0eeeab44b96183b41f02e3c1a678df0f03cb954bfdcb70

HTTP Headers

GET /uploads/user/logo/734293/c6cf98c8.png HTTP/1.1
Host: d3v0px0pttie1i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 36044
Connection: keep-alive
Date: Thu, 24 Nov 2022 19:59:09 GMT
Last-Modified: Thu, 11 Aug 2022 02:15:06 GMT
ETag: "8b3009082b340ab48d5150568ca107e4"
Cache-Control: max-age=315576000
x-amz-version-id: tnADKw9y2VC2QRPVHdFS0XZartmyATUJ
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vpy9qTLQnPu_poXnRtWRwFODoS14evhj5lVPTArGBgWgR2gFFomKqA==

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 36926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/734293/18d48b11.png

143.204.42.220

200 OK

71 kB

URL HTTP/1.1
d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/734293/18d48b11.png
IP
143.204.42.220:0
ASN
#16509 AMAZON-02

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
71 kB (70579 bytes)
Hash
7e6b45d0a2e44112417afa20953afcf8
eadf3609c7ecdb1e0ccdba411ab520aad8707150
188ef70124c556c63f58bd4d748384958331d0cea81a18f8ddd130fbfd64ff92

HTTP Headers

GET /uploads/user/avatar/734293/18d48b11.png HTTP/1.1
Host: d3v0px0pttie1i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 70579
Connection: keep-alive
Date: Thu, 24 Nov 2022 19:59:09 GMT
Last-Modified: Thu, 26 Nov 2020 19:42:29 GMT
ETag: "7e6b45d0a2e44112417afa20953afcf8"
Cache-Control: max-age=315576000
x-amz-version-id: WW6ZFP9OnhePw_DwmuzGQycS0ucADPrI
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q-iF7q52Zyrw2zubo9Qzb1vjJMxchlbIYzJHXifwsuM_YFsz_O_wVQ==

www.glennmarkdizon.com/wp-content/uploads/2022/08/genesis.jpg

198.187.29.109

200 OK

1.4 MB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/genesis.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, progressive, precision 8, 600x2539, components 3\012- data
Size
1.4 MB (1445764 bytes)
Hash
92c763f8a690570c3a3dbec0d04ee344
1d20f0542adad35f1ae68935e6bc8df393383615
e420f894994f026270d4984c0a65722ec31ce90baa60e08da53cb825e02f6247

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/genesis.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:45 GMT
accept-ranges: bytes
content-length: 1445764
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/cropped-fav-32x32.png

198.187.29.109

200 OK

1.3 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/cropped-fav-32x32.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1260 bytes)
Hash
5b9b7b8537cfdf2f467e9df7b9600b20
1211fc909f1a2b1df2ef6e46924c0d7f1dfd6830
157fe729b2ce5fff2197f8f623d587ada1974da1ec1a9938da2c6ac2ad53f849

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/cropped-fav-32x32.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Thu, 11 Aug 2022 14:42:21 GMT
accept-ranges: bytes
content-length: 1260
date: Thu, 24 Nov 2022 19:59:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

calendly.com/api/booking/event_types/BDGHPFPV3N67WYM5/calendar/range?timezone=UTC&diagnostics=false&range_start=2022-11-24&range_end=2022-11-30&embed_domain=www.glennmarkdizon.com&embed_type=Inline

172.66.43.26

200 OK

10 kB

URL HTTP/2
calendly.com/api/booking/event_types/BDGHPFPV3N67WYM5/calendar/range?timezone=UTC&diagnostics=false&range_start=2022-11-24&range_end=2022-11-30&embed_domain=www.glennmarkdizon.com&embed_type=Inline
IP
172.66.43.26:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (9051), with no line terminators
Size
10 kB (10474 bytes)
Hash
3c5e067b4c60b6ad1f89bb8237fd6c4a
7120fbdc4363a58961d3932f56c7ebbcdfd44624
5b2a9943ce4903350a7357d17368a0a8c932e8444ee40f3538d4151ac4c9f5fb

HTTP Headers

GET /api/booking/event_types/BDGHPFPV3N67WYM5/calendar/range?timezone=UTC&diagnostics=false&range_start=2022-11-24&range_end=2022-11-30&embed_domain=www.glennmarkdizon.com&embed_type=Inline HTTP/1.1
Host: calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline&month=2022-11
X-CSRF-Token: eDjMnBFTPGepi5aLt1JeomKVnWVval7VN3GUABwzjlKPiKXPspOmbx93VCjXcK4PIVz7Utgkl87YSuo0MW7LLg
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76f4b92a2d0db529-OSL
cache-control: max-age=0, private, must-revalidate
etag: W/"b9391f318a3e464089c19baf88e246f4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: 8f6c44ca54db5a24ba228bb7ccb1ea01
x-runtime: 0.318562
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.segment.io/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js

54.230.111.79

200 OK

2.7 kB

URL HTTP/1.1
cdn.segment.io/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8508)
Size
2.7 kB (2724 bytes)
Hash
1f4dc513a43a6127d9c445f7c51e3d1a
fa22a5ff67815833a1ba78ccf14fbf845163b5e7
5597751e6f24ee5c5ce738d676eaf9ee2c206f5b685a83c266db9e415bf77ac0

HTTP Headers

GET /analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 20 Nov 2022 06:42:31 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 20 Nov 2022 04:05:11 GMT
ETag: W/"3fe4d92339c7d21c57f0044fcdcf5274"
Cache-Control: public,max-age=31536000,immutable
x-amz-version-id: BhXw106yreYvIp1G4_0Aby1fMn2RRwDM
Server: AmazonS3
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xSb6pchGM9L9J096zSZAEhOvpiOLA_L7dnQiZqmoDUyHXVXIVBL7Ug==
Age: 393398

cdn.segment.io/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js

54.230.111.79

200 OK

759 B

URL HTTP/1.1
cdn.segment.io/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1508)
Size
759 B (759 bytes)
Hash
3d4b031e451f32f4995c5636eb2e9a2c
81da1ed66c50ed669f55223d0d25ff4ca70ef2de
129829afb5f8e69b51d6e4bc36b984f5f75a4db3a68f516090fd24632fbb334d

HTTP Headers

GET /analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 29 Jun 2022 22:58:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 29 Jun 2022 22:36:31 GMT
ETag: W/"3e448afdfea355c0f19700d04431ce7d"
Cache-Control: public,max-age=31536000,immutable
x-amz-version-id: 8IDMvv7_EUs2Qtk.QHOxLzoE3aR.o_xp
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jb2IoNCgX2lknzpUZ1lMLpBAbucNmyWRtI2Ef35FtX4M1ZPAk8Oszg==
Age: 12776445

cdn.segment.io/next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz

54.230.111.79

200 OK

1.3 kB

URL HTTP/1.1
cdn.segment.io/next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (2755)
Size
1.3 kB (1295 bytes)
Hash
5749d02af60dbfc1f75ad8995c26282b
45ab2a3bb35cfe92ed113fd5127d6f87dab90285
39868881163d6156e67642dcae7bd345c2294d5d834ca11462c5209be68c5d72

HTTP Headers

GET /next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1295
Connection: keep-alive
Date: Mon, 24 Oct 2022 06:06:15 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 19 Sep 2022 21:38:20 GMT
ETag: "5749d02af60dbfc1f75ad8995c26282b"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: YGzypEO4YcfB5iLv40HrvB7qFMLMEWuT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IKNexlRdHKdBWvnksUW48L7sDpQwr3sEvwzMet9bovwkVvYJVGRBHQ==
Age: 2728374

cdn.segment.io/next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz

54.230.111.79

200 OK

1.7 kB

URL HTTP/1.1
cdn.segment.io/next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (3723)
Size
1.7 kB (1671 bytes)
Hash
aa7430c79694e6aab503a222c1b8cf22
09cd72fc1d557ee98ed04150cc6b75918e331211
7a66306bea19aa57277a29ae51e3452aba6f4f3c102f013076a6b01966f88604

HTTP Headers

GET /next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1671
Connection: keep-alive
Date: Sat, 07 May 2022 03:04:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Thu, 21 Apr 2022 20:31:57 GMT
ETag: "aa7430c79694e6aab503a222c1b8cf22"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: IEr5b0YMf8gXJe8_msNsrr6tlk_T2o2g
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dDcY0IoxSyzXzIZiyE3gnhTDEMnbIeRb9m-uAKg8dOHZDw7GvDgsbg==
Age: 17427254

cdn.segment.io/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz

54.230.111.79

200 OK

2.6 kB

URL HTTP/1.1
cdn.segment.io/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7007)
Size
2.6 kB (2586 bytes)
Hash
6ac19b71da72b08483644c17ed6a4986
882ae07fffd74a49df8c5a1fa57b67667fd4a47f
29db086ab143b305f4c9de9fce4b11259b1897d01e0b7dcb6e68ba13fa972ffc

HTTP Headers

GET /next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2586
Connection: keep-alive
Date: Mon, 03 Oct 2022 19:04:32 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 19 Sep 2022 21:38:20 GMT
ETag: "6ac19b71da72b08483644c17ed6a4986"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: LWiuuaOh3MJMcM_mbmFM_xQOt6bARUXq
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NvDJRqBUltBT3z1lb9frJHGR5P162-FyRH9YCxyOnqzm50OSKybuNg==
Age: 4496077

cdn.segment.io/next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz

54.230.111.79

200 OK

4.7 kB

URL HTTP/1.1
cdn.segment.io/next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (18430)
Size
4.7 kB (4666 bytes)
Hash
baefe3076be23f00dcbc1db02d893b65
ebad0d70656d189335183d0efccd5ce1fd64a52b
54a7c0e7f637f6c76557fa7729e9d731a450b83b02acec8d5ed849ed259821e1

HTTP Headers

GET /next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4666
Connection: keep-alive
Date: Mon, 29 Aug 2022 12:25:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 08 Aug 2022 17:49:04 GMT
ETag: "baefe3076be23f00dcbc1db02d893b65"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: 5Ji0XTprX36hP1z8XxzwyA3DMZ.GWCip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PVw8zGEfUMlH3OSvzxluLKwig19DF5g6IxJCu0oJFPN5ZVIP7-1xCg==
Age: 7544037

www.clarity.ms/eus2/s/0.6.43/clarity.js

13.107.227.53

200 OK

55 kB

URL HTTP/2
www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
13.107.227.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (55029)
Size
55 kB (55116 bytes)
Hash
441723b72633b1ac9757ad7c63168005
806166ca9ebb5839dd90a5e5c9335e3e0b18c169
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

HTTP Headers

GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8fceb15c2864c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0DM1/YwAAAACWlURDe6ldRLp8me6UdNBbT1NMMjMxMDUwMjA0MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Thu, 24 Nov 2022 19:59:08 GMT
X-Firefox-Spdy: h2

cdn.segment.io/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

54.230.111.79

200 OK

22 kB

URL HTTP/1.1
cdn.segment.io/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (22174 bytes)
Hash
7741fd16ad2418cd17ab981f8207b106
13d45dddf2bc6331a72ea781098dafdf715a13e7
c66490dc7f609c24fb66b5aeea8b7142f0d183d2075381daa817002b3c25b375

HTTP Headers

GET /next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 22174
Connection: keep-alive
Date: Sat, 14 May 2022 05:34:48 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Thu, 21 Apr 2022 20:31:55 GMT
ETag: "7741fd16ad2418cd17ab981f8207b106"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: Oj6u2z19LDY4aY4JvHDnjoL7UTBjFuHg
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1rdpZH7GcvGKRkapZ3ZyYF969WWwsd_JlATTCxrXTj9BoJDS8RCLSw==
Age: 16813461

cdn.segment.io/analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js

54.230.111.79

200 OK

600 B

URL HTTP/1.1
cdn.segment.io/analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1141)
Size
600 B (600 bytes)
Hash
5760af7d8073353cc4076612fbbbeecb
e703a1601c03f4c86bce79684892f07a305abc03
6079b014d79b381b329a8618d0ed0eb01583645457e180c13a68ed87b91b3fd7

HTTP Headers

GET /analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 30 Jun 2022 05:34:28 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 30 Jun 2022 00:39:24 GMT
ETag: W/"c1cb8e289adb2c1ec05b08a6ef25cfaf"
Cache-Control: public,max-age=31536000,immutable
x-amz-version-id: 4uJPXFGNAqMZ3w.PoxWEpPGFTaCNeK4f
Server: AmazonS3
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7iqn-5vNqDso55BlWcrrFWmRZiidDqsbvsfLKqEBEJEZdPAoxH4YvQ==
Age: 12752681

cdn.segment.io/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz

54.230.111.79

200 OK

778 B

URL HTTP/1.1
cdn.segment.io/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1751)
Size
778 B (778 bytes)
Hash
3f0dbc48d4537cdf84414eec13b0164c
daa31dc393ac79c71c464e392dc13a8c4cfff84e
9161f093e2632d08483aba9b8e0b4dab30032316a3c29278e767d69760d11236

HTTP Headers

GET /next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 778
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 24 Oct 2022 18:47:59 GMT
Content-Encoding: gzip
x-amz-version-id: zvuUQsgnPozOyEKaxRb.XwF.TmEL8OXS
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 24 Nov 2022 05:34:59 GMT
ETag: "3f0dbc48d4537cdf84414eec13b0164c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tZzu6A56GS4p-ebdgycywG0Obn6ji30dDDBMjbSbnbTcIaHQoKJt2w==
Age: 51952

js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

143.204.55.68

200 OK

200 B

URL HTTP/2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
200 B (200 bytes)
Hash
93afeeb17bc37e711759584dbfc50d47
bbbc9e5d68854172c90b993064df560996a2a433
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

HTTP Headers

GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 24 Nov 2022 19:06:14 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d8zg0FMvwPAiZ_TOPN2hE9JEnhFLsYIwVh5AuWf8ocLwhRXe_ZMnAQ==
age: 3187
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/GMD-Logo.png

198.187.29.109

404 Not Found

11 kB

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/GMD-Logo.png
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size
11 kB (10922 bytes)
Hash
39114d191218ef1bc706146e32820db1
586b76c423d1b2a99a429c7fcc6d47bfb3eb3752
eddd426ecf98d00293a037b174e50817d3f02881919fd91499aa9f756babb365

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/GMD-Logo.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.glennmarkdizon.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
cd52f719a72e37b766da52df057908c3
be0ffacfc97a26c6f98170bdaa9003f8bfc9b8f5
ed590bcbe0029e9be7d1166c3ae570461d97d5f14b6291c50cd2c725442e79ec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1268
Cache-Control: max-age=154349
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:08 GMT
Etag: "637f8005-118"
Expires: Sat, 26 Nov 2022 14:51:37 GMT
Last-Modified: Thu, 24 Nov 2022 14:30:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

143.204.55.68

200 OK

631 B

URL HTTP/2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (526)
Size
631 B (631 bytes)
Hash
f8f6a4584135f737b26927596ce6e0a7
609ea9e9c46563fb1dc78a7967c926394e73ffab
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

HTTP Headers

GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 631
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Thu, 24 Nov 2022 19:33:10 GMT
cache-control: max-age=31536000
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xhpOvTC9eU_QTyyPapeOenouZBda38h0JftPLhSRcNzymdjWbS_shA==
age: 1563
X-Firefox-Spdy: h2

cdn.heapanalytics.com/js/heap-3509290134.js

54.230.111.52

200 OK

120 kB

URL HTTP/2
cdn.heapanalytics.com/js/heap-3509290134.js
IP
54.230.111.52:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65502)
Size
120 kB (119819 bytes)
Hash
6588b87191c48a8a06e308c9ac51a560
9c739524102af7368efea3cafd135b90879c2138
75136dc0a4ccf1a3b1f384408e37247c49dfcf760fb77c679107800eeb265a67

HTTP Headers

GET /js/heap-3509290134.js HTTP/1.1
Host: cdn.heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 119819
date: Thu, 24 Nov 2022 19:57:45 GMT
server: nginx
etag: W/"1d40b-ZYi4cZHEiooG4wjJrFGlYA"
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ejqbbcdpzEXiZhq-pZhul8DBbL_nMI15vbOgvHDsRZlunaPMXH2GLA==
age: 84
X-Firefox-Spdy: h2

www.glennmarkdizon.com/wp-content/uploads/2022/08/mac.jpg

198.187.29.109

200 OK

0 B

URL HTTP/2
www.glennmarkdizon.com/wp-content/uploads/2022/08/mac.jpg
IP
198.187.29.109:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/mac.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:21 GMT
accept-ranges: bytes
content-length: 293116
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

m.stripe.network/inner.html

151.101.84.176

200 OK

527 B

URL HTTP/2
m.stripe.network/inner.html
IP
151.101.84.176:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Size
527 B (527 bytes)
Hash
e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5

HTTP Headers

GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 19:59:09 GMT
via: 1.1 varnish
age: 194
x-request-id: 79e7725f-4bd4-42f9-9b54-b5fc10f2f851
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 102
x-timer: S1669319949.102156,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5ad06fea748cc3dd7b2e4b397e9fb7f1
09f14748afe789048ff85b56afdc7906c8f123b9
efa2d8daf4153edfa2d4008223e8c4f83153bc1e4ad0c6c72070467b772beb53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167163
Date: Thu, 24 Nov 2022 19:59:09 GMT
Etag: "637fa344-1d7"
Expires: Sat, 26 Nov 2022 18:25:12 GMT
Last-Modified: Thu, 24 Nov 2022 17:00:52 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: omZlIB_U-xf-NtJfD7m1TsR7JtiaJKeYPrUvaNPc2EIxCADNUmrO3Q==
Age: 5060

m.stripe.network/out-4.5.42.js

151.101.84.176

200 OK

16 kB

URL HTTP/2
m.stripe.network/out-4.5.42.js
IP
151.101.84.176:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
16 kB (16031 bytes)
Hash
0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b

HTTP Headers

GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 19:59:09 GMT
via: 1.1 varnish
age: 279
x-request-id: 417cd36f-da55-4622-b821-25cbd61cde7c
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 140
x-timer: S1669319949.171121,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&RedC=c.clarity.ms&MXFR=385FFB12CD2F69B5030AE974C92F676D

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&RedC=c.clarity.ms&MXFR=385FFB12CD2F69B5030AE974C92F676D
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&RedC=c.clarity.ms&MXFR=385FFB12CD2F69B5030AE974C92F676D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0F47DA933D576F8B1D84C8F53CA26E1E; domain=c.bing.com; expires=Tue, 19-Dec-2023 19:59:09 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09D1B8B8FA044893A33AF935B4A8F70D Ref B: OSL30EDGE0114 Ref C: 2022-11-24T19:59:09Z
date: Thu, 24 Nov 2022 19:59:09 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 24-Nov-2022 20:09:09 GMT; path=/; SameSite=None; Secure;
date: Thu, 24 Nov 2022 19:59:08 GMT
content-length: 42
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa

HTTP Headers

POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa

HTTP Headers

POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa

HTTP Headers

POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
95d5d1cfc046e6f7709847614e5111ff
efd834419ef1e3fe8d4e6029abb4a05fdf5c9ea7
8eae014841c35399d434148c5ed0ebfcbb8ae88cc9ff573ebdf48b120f97f56a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141786
Date: Thu, 24 Nov 2022 19:59:09 GMT
Etag: "637f47fb-1d7"
Expires: Sat, 26 Nov 2022 11:22:15 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:23 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Lp5lCjT8acrQp7U81cqAsp-ujOfK_J17Czb_llBf2xaNCulzF8xhg==
Age: 3052

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 629
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.glennmarkdizon.com
access-control-allow-credentials: true
date: Thu, 24 Nov 2022 19:59:09 GMT
X-Firefox-Spdy: h2

data.pendo.io/data/guide.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1669319948839&v=2.161.1_prod

34.107.204.85

200 OK

42 B

URL HTTP/2
data.pendo.io/data/guide.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1669319948839&v=2.161.1_prod
IP
34.107.204.85:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /data/guide.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1669319948839&v=2.161.1_prod HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa

HTTP Headers

POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

heapanalytics.com/h?a=3509290134&u=4262557727015674&v=7342447697066191&s=7249849657276902&b=web&tv=4.0&z=0&h=%2Fglennmark%2Fconsult&q=%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&d=calendly.com&t=Select%20a%20Date%20%26%20Time%20-%20Calendly&r=https%3A%2F%2Fwww.glennmarkdizon.com%2F&ts=1669319948690&st=1669319948693

54.159.51.104

200 OK

37 B

URL HTTP/2
heapanalytics.com/h?a=3509290134&u=4262557727015674&v=7342447697066191&s=7249849657276902&b=web&tv=4.0&z=0&h=%2Fglennmark%2Fconsult&q=%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&d=calendly.com&t=Select%20a%20Date%20%26%20Time%20-%20Calendly&r=https%3A%2F%2Fwww.glennmarkdizon.com%2F&ts=1669319948690&st=1669319948693
IP
54.159.51.104:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /h?a=3509290134&u=4262557727015674&v=7342447697066191&s=7249849657276902&b=web&tv=4.0&z=0&h=%2Fglennmark%2Fconsult&q=%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&d=calendly.com&t=Select%20a%20Date%20%26%20Time%20-%20Calendly&r=https%3A%2F%2Fwww.glennmarkdizon.com%2F&ts=1669319948690&st=1669319948693 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

data.pendo.io/data/ptm.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?v=2.161.1_prod&ct=1669319948833&jzb=eJw9kF9rwjAUxb9LHnzqrGmLGEHGmEJ92F9kwsYIsclsML0pya1dJ3530zp8y7n5nZtz8nUi2NWKzImxQpKI7JxtvXIcdRWmdDplKWUsm81oFpGj9hqt41oGA39dPS9f-IZ37E2zybs3hzwsEEVhG8CBgcaYiDTOBLxErP08jgthFEjTjQtbxftwhkq4Q1xY8I3Be1XtlOTSVkLDom3b8Q2R-s9C7xpdmT73Yg1GgxpVFrBcJJMkuaM0hKidrT2Zn4ZW_12SWZpGRHv-40Sv0TXqHFDhFOBG7Na3wHgVhPnsMz8-PW6T8rj6-N2HxYN3uCy19znNs4clsL2Bbf93HarwaprS8_cFJKl0Vw

34.107.204.85

200 OK

42 B

URL HTTP/2
data.pendo.io/data/ptm.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?v=2.161.1_prod&ct=1669319948833&jzb=eJw9kF9rwjAUxb9LHnzqrGmLGEHGmEJ92F9kwsYIsclsML0pya1dJ3530zp8y7n5nZtz8nUi2NWKzImxQpKI7JxtvXIcdRWmdDplKWUsm81oFpGj9hqt41oGA39dPS9f-IZ37E2zybs3hzwsEEVhG8CBgcaYiDTOBLxErP08jgthFEjTjQtbxftwhkq4Q1xY8I3Be1XtlOTSVkLDom3b8Q2R-s9C7xpdmT73Yg1GgxpVFrBcJJMkuaM0hKidrT2Zn4ZW_12SWZpGRHv-40Sv0TXqHFDhFOBG7Na3wHgVhPnsMz8-PW6T8rj6-N2HxYN3uCy19znNs4clsL2Bbf93HarwaprS8_cFJKl0Vw
IP
34.107.204.85:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /data/ptm.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?v=2.161.1_prod&ct=1669319948833&jzb=eJw9kF9rwjAUxb9LHnzqrGmLGEHGmEJ92F9kwsYIsclsML0pya1dJ3530zp8y7n5nZtz8nUi2NWKzImxQpKI7JxtvXIcdRWmdDplKWUsm81oFpGj9hqt41oGA39dPS9f-IZ37E2zybs3hzwsEEVhG8CBgcaYiDTOBLxErP08jgthFEjTjQtbxftwhkq4Q1xY8I3Be1XtlOTSVkLDom3b8Q2R-s9C7xpdmT73Yg1GgxpVFrBcJJMkuaM0hKidrT2Zn4ZW_12SWZpGRHv-40Sv0TXqHFDhFOBG7Na3wHgVhPnsMz8-PW6T8rj6-N2HxYN3uCy19znNs4clsL2Bbf93HarwaprS8_cFJKl0Vw HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
426133ba6dfc4d15e0cb4c7b2dabd3fe
17cddc28ede33c87d7dcb9700f39b70c19c644dd
4fcae487b293113493e2fc379ccc680a9189a7dc34165f25ed26f9e05d3a4c20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3134
Cache-Control: max-age=92163
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Etag: "637e85d2-1d7"
Expires: Fri, 25 Nov 2022 21:35:12 GMT
Last-Modified: Wed, 23 Nov 2022 20:42:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

m.stripe.com/6

52.39.215.30

200 OK

156 B

URL HTTP/2
m.stripe.com/6
IP
52.39.215.30:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
156 B (156 bytes)
Hash
c0df34424a5bde16ffa12ce427e6c2d4
47706aba22b59afde3ff7e951e33ac4d66ba0ea6
4b4f018d89d8c81f9545c34d7d18780e3fd81b0216755afd5af32bcb9249e66a

HTTP Headers

POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2984
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:59:09 GMT
content-length: 156
set-cookie: m=5584b4a0-5e14-4d27-9b1e-83ee213f14c0d3a7d8;Expires=Sat, 23-Nov-2024 19:59:09 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 155260
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.glennmarkdizon.com
access-control-allow-credentials: true
date: Thu, 24 Nov 2022 19:59:09 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6426 bytes)
Hash
eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ow9srZWasko5f0TMk632PH2_NgfxBEwGPCXoRTp7gVxfDrP9st2opw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:45 GMT
age: 78927
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
57aea79f7fde962d9e03337166e292b5
138243191c50f91fdb5172e32c751f504cb39f67
f7c5d0ab857c4d77f89a676c1066b29912be8902c01b5d84bae7d9727d96de5d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5832
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:12 GMT
Last-Modified: Thu, 24 Nov 2022 18:22:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CTeko%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CTeko%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CTeko%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 19:59:04 GMT
date: Thu, 24 Nov 2022 19:59:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline

172.66.43.26

200 OK

0 B

URL HTTP/2
calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline
IP
172.66.43.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline HTTP/1.1
Host: calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 76f4b91f2fe4b529-OSL
cache-control: max-age=0, private, must-revalidate
link: <https://assets.calendly.com/assets/booking/css/booking-474ab179.css>; rel=preload; as=style; nopush
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: bb576556ff5ee9207db960ded5221dda
x-runtime: 0.155375
vary: Accept-Encoding
set-cookie: _calendly_session=DwslqMNjYl7zG3gGGQGRcq0SkDFybGFUIjljELnB50cSPF2umh0amDiRL9P7RlIlPYA8nvtZ0T1BPYDYRFPJtjFEG6ysDM1AE%2FxYA%2B1gt0T%2BGhP6Zdj2cofWlMm30018c7rCbfwym1R53XBGVlPUaROIZhuLtZvE1pqFas1rrxlULoAR8CTaP2e5%2B4XGf%2BAcloYai7QjaHMhIzMh81MqZDcX22u5TivqAgRXovP4nuaYw7%2B6HMA80CwYMATUT%2BNFfEdPUe13R7Xy%2Bg%2F%2FjW52QSihD6Y7kKmIJ%2F5yqvwjtciI4Q%2BGAdTft%2BbzsCZNDO0nBaMbefNYh51svjxBp%2BLVOkt5AqHDqJsyjuj44ViouCIZXE4QWdtBJiXZiOASbLvqaUXL8hQKWgK4tb1A5tuxifbPpvFc%2FSg5DT3gOgpqH3xMqbb%2F14Iw7uYomF%2FBnV%2FGIElp13VOi3EWdBNhGNJlG%2BD7BF86XntqHSaID7ruIKoU%2F1EfTQ0NaXqdECvOxRzIPlR3rxERXKokk8jUWFN%2BNCXd40cXMJACSQkqAF2kea7%2FXpGze5Gp6B4uHDg4BgojUcjQVjRtyApV6IWLzYgfBJr488jN4XixouDN4KNfJdCGSoK109JUasuVxuRsyR1YprtQqW0NF9A8Zg22OatniWsvV45uHJ1nw%2FOaYIMjuAzwho%2BJy3rW522RWtLnl6VyQuLzGcITcHfn1Hk51hReuXEVNg%3D%3D--0R%2B8jg9SUhSO7Q50--def8JxnjOUSxm6z6VvE9Mw%3D%3D; path=/; expires=Thu, 15 Dec 2022 19:59:06 GMT; secure; HttpOnly; SameSite=Lax
__cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946; path=/; domain=.calendly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

data.pendo.io/data/guide.js/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?id=4&jzb=eJxNj09rwzAMxb-LDz11TZtbA2EMNmgv-8fuQbPV1VSWgi03ZCPfvS6lYbf3xO_BT3_m7JNXiXtnGtO9v7w-v3Vf3bj98Nv1Z6LTziwNWCuZ9YpwJlqaHKnQR9U-NVVlgZAdjSsrofopmQPEU2WFUyZ9xPCNrnMSwHM7DMNqRpz_Fb6uFjdGxx7bPZNnXARhPbb1uq4fNpviEFDBgYJpZuUSp1nuVnqIyPr0_1RGePc-Y0xe-F4T0mEnSbE8dgBKOE0XZrxhFw&v=2.161.1_prod&ct=1669319948838

34.107.204.85

200 OK

0 B

URL HTTP/2
data.pendo.io/data/guide.js/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?id=4&jzb=eJxNj09rwzAMxb-LDz11TZtbA2EMNmgv-8fuQbPV1VSWgi03ZCPfvS6lYbf3xO_BT3_m7JNXiXtnGtO9v7w-v3Vf3bj98Nv1Z6LTziwNWCuZ9YpwJlqaHKnQR9U-NVVlgZAdjSsrofopmQPEU2WFUyZ9xPCNrnMSwHM7DMNqRpz_Fb6uFjdGxx7bPZNnXARhPbb1uq4fNpviEFDBgYJpZuUSp1nuVnqIyPr0_1RGePc-Y0xe-F4T0mEnSbE8dgBKOE0XZrxhFw&v=2.161.1_prod&ct=1669319948838
IP
34.107.204.85:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /data/guide.js/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?id=4&jzb=eJxNj09rwzAMxb-LDz11TZtbA2EMNmgv-8fuQbPV1VSWgi03ZCPfvS6lYbf3xO_BT3_m7JNXiXtnGtO9v7w-v3Vf3bj98Nv1Z6LTziwNWCuZ9YpwJlqaHKnQR9U-NVVlgZAdjSsrofopmQPEU2WFUyZ9xPCNrnMSwHM7DMNqRpz_Fb6uFjdGxx7bPZNnXARhPbb1uq4fNpviEFDBgYJpZuUSp1nuVnqIyPr0_1RGePc-Y0xe-F4T0mEnSbE8dgBKOE0XZrxhFw&v=2.161.1_prod&ct=1669319948838 HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

assets.calendly.com/assets/external/widget.js

172.66.43.26

200 OK

0 B

URL HTTP/2
assets.calendly.com/assets/external/widget.js
IP
172.66.43.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/external/widget.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:04 GMT
content-type: application/javascript
cf-ray: 76f4b916afe0b529-OSL
age: 169
cache-control: public, max-age=300
etag: W/"d55a502aec51c2d81fe7d6b5b166ddcf"
expires: Fri, 25 Nov 2022 19:59:04 GMT
last-modified: Thu, 17 Nov 2022 18:21:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
x-content-type-options: nosniff
set-cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; path=/; expires=Thu, 24-Nov-22 20:29:04 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css

104.16.148.64

200 OK

0 B

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripttemplates/6.35.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: text/css
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
x-ms-request-id: 56bfbd6c-f01e-00c0-7082-7952a2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 76357
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92c4c55b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

assets.calendly.com/assets/booking/js/booking-runtime-591ea883.js

172.66.43.26

200 OK

0 B

URL HTTP/2
assets.calendly.com/assets/booking/js/booking-runtime-591ea883.js
IP
172.66.43.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/booking/js/booking-runtime-591ea883.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:06 GMT
content-type: application/javascript
cf-ray: 76f4b9227e89b529-OSL
age: 284554
cache-control: public, max-age=31536000
etag: W/"70fad10a770cc9f6d19b67c18736dc5f"
expires: Fri, 25 Nov 2022 19:59:06 GMT
last-modified: Mon, 21 Nov 2022 12:51:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=19548
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.clarity.ms/tag/d8idw26pe6?ref=bwt

13.107.227.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/d8idw26pe6?ref=bwt
IP
13.107.227.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/d8idw26pe6?ref=bwt HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=e12e6580e5754e91ae1231c10d65bf5e.20221124.20231124; expires=Fri, 24 Nov 2023 19:59:08 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-cache: CONFIG_NOCACHE
x-azure-ref: 0DM1/YwAAAAD3wylatPZ0R4r2P4E18PzFT1NMMjMxMDUwMjA0MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Thu, 24 Nov 2022 19:59:08 GMT
X-Firefox-Spdy: h2

cdn.pendo.io/agent/static/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9/pendo.js

54.230.111.15

200 OK

0 B

URL HTTP/2
cdn.pendo.io/agent/static/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9/pendo.js
IP
54.230.111.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /agent/static/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9/pendo.js HTTP/1.1
Host: cdn.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 132103
x-guploader-uploadid: ADPycdvX4J4LF5Yjy2eGolNEO2pITQOHLcbT0hgr3xlvx826Wx5vP2qNcnrjj72WRrSBecqJ9_JSBwjTTXMsIxxw3xrMdQ
last-modified: Thu, 17 Nov 2022 19:16:48 GMT
x-goog-generation: 1668712608872610
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 132103
content-encoding: gzip
x-goog-hash: crc32c=fhFFHQ==, md5=p5vf38u/Z6kvzkW47LwULA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Thu, 24 Nov 2022 19:57:07 GMT
expires: Thu, 24 Nov 2022 20:04:15 GMT
cache-control: max-age=450
etag: "a79bdfdfcbbf67a92fce45b8ecbc142c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R2DLqT3NFCmFrTxvekPmh70NCZrPmhsnYrxWUPl0jpCWRP0UwgONgA==
age: 144
X-Firefox-Spdy: h2

js.appboycdn.com/web-sdk/3.1/appboy.min.js

104.17.218.31

200 OK

0 B

URL HTTP/2
js.appboycdn.com/web-sdk/3.1/appboy.min.js
IP
104.17.218.31:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web-sdk/3.1/appboy.min.js HTTP/1.1
Host: js.appboycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: fWaUAy85I3OGfp5Yat3q2YpqLSFkKavxj9T9nlVUzQChU97gFu1zDcKS8fs/SxePpI3qSbZVzME=
x-amz-request-id: 4HN36FEXFZ9BZE1J
last-modified: Tue, 02 Feb 2021 00:22:35 GMT
etag: W/"1c3631b60e0fed888d7a4fcedb3e0448"
cf-cache-status: HIT
age: 2080
expires: Thu, 24 Nov 2022 23:59:09 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f4b9315c4db4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

assets.calendly.com/assets/booking/js/booking-270c1e77.js

172.66.43.26

200 OK

0 B

URL HTTP/2
assets.calendly.com/assets/booking/js/booking-270c1e77.js
IP
172.66.43.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/booking/js/booking-270c1e77.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:06 GMT
content-type: application/javascript
cf-ray: 76f4b9227e8cb529-OSL
age: 84717
cache-control: public, max-age=31536000
etag: W/"e75b0b3312fd60d990b8173bcb8ac4af"
expires: Fri, 25 Nov 2022 19:59:06 GMT
last-modified: Wed, 23 Nov 2022 20:21:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=1691087
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (61)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations