r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3846
Expires: Thu, 24 Nov 2022 21:03:09 GMT
Date: Thu, 24 Nov 2022 19:59:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5860
Cache-Control: max-age=144588
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:03 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:08:51 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Thu, 24 Nov 2022 21:35:56 GMT
Date: Thu, 24 Nov 2022 19:59:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 19:18:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2404
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N1zfAkIMDQ6AN0prB9uJvtkO2J3gsyQmgwsEC1V6HeGRSl2xVK3j8Kvsmkqjgh/X9TfM6ktQsn4=
x-amz-request-id: 9FMGQP5R1SDCSMS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 19:40:31 GMT
age: 1112
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
glennmarkdizon.com/
198.187.29.109 301 Moved Permanently 707 B IP 198.187.29.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 24 Nov 2022 19:59:03 GMT
server: LiteSpeed
location: https://glennmarkdizon.com/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:59:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 19:08:53 GMT
cache-control: public,max-age=3600
age: 3010
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5257
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:03 GMT
Last-Modified: Thu, 24 Nov 2022 18:31:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 7f6a69ede955722d257b5c053b411395
ea5e2514c52e148ded3b5eceecbf04643e8ad14c
e339ad3859de4c93e90d6523a423f4f62634cf13057135457dd23fe7e7d40302
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:59:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 18:49:10 GMT
Expires: Mon, 28 Nov 2022 18:49:09 GMT
Etag: "ea5e2514c52e148ded3b5eceecbf04643e8ad14c"
Cache-Control: max-age=340805,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4b90f7acdb4ff-OSL
push.services.mozilla.com/
54.148.213.75 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 15ruoCu8cPwmAnLgvh53AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 74TwQBWGCPOFj8dtmDWbhubA7ug=
glennmarkdizon.com/
198.187.29.109 301 Moved Permanently 0 B IP 198.187.29.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-pingback: https://www.glennmarkdizon.com/xmlrpc.php
x-redirect-by: WordPress
location: https://www.glennmarkdizon.com/
content-length: 0
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/
198.187.29.109 200 OK 23 kB IP 198.187.29.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Hash f5ea130c187c885b87f09d13b6afa9c2
58ac225ebda0f0f7b5e1f2c57a14b8f5c0e19a7c
b68502649329703c615cad6731faa350cd52f785081710d87a82f6488a2bf64e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23300
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f7830d8e96be37800f9b435c4536fc98
000d2a5d8a23b63cb3c0c8855187d77b853a7b95
43a73253d3b77edeb3501f68b02de848cc602672cb647049a6ccdf4b39da5d00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=170054
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:04 GMT
Etag: "637fb2ab-117"
Expires: Sat, 26 Nov 2022 19:13:18 GMT
Last-Modified: Thu, 24 Nov 2022 18:06:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/79tjo3f4/ab39e.css
198.187.29.109 200 OK 11 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/79tjo3f4/ab39e.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (65517)
Hash 5b3b0083c3dfe8d164683c33929dda7b
dbab68ae166e3f8769066b6cad03ce72d98d11c8
2985202349399d40c5bd4fc32f52cdb82775c176224b08b2384f5ba7e7c8b455
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/79tjo3f4/ab39e.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10957
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/qtjdgbki/fr1mn.css
198.187.29.109 200 OK 16 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/qtjdgbki/fr1mn.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 604b4b0177e09915b54398381cd1ff79
d72ff5c1624b996bf25c7d8514555784a6eb2552
440d5002a7e4c5add5df83138421acbe29c0e2859258ca8981e712c6ec4db0b4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/qtjdgbki/fr1mn.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 18 Aug 2022 21:10:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16418
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-11.css?ver=1668580950
198.187.29.109 200 OK 364 B URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-11.css?ver=1668580950
IP 198.187.29.109:0
File type ASCII text, with very long lines (1244), with no line terminators
Hash 92033d2ab63fcea3f4a50b7ffc8bb6a9
7b5246a7af243f5ddf8e943f35ca465ec1e448f4
4188b340d2337c4732ef47464e6018e79e941750b4683dea85a235c448e8dba7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-11.css?ver=1668580950 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:42:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 364
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css
198.187.29.109 200 OK 4.5 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (20596)
Hash 558f42780be85751a7b77e207c7f2b03
071a66e0279541ce7d3777a55643c34e122ea06c
c540828c392a38be24d1d28a202ff4e9a478b45549948d8418d0e81bd20f15d7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:40:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4536
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/f12l1vzu/41kvu.css
198.187.29.109 200 OK 7.2 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/f12l1vzu/41kvu.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (39280)
Hash 69c00878d510b6035128d975734014fc
46e69cd6683e4901c97a48d39f2c4c4ece0628ac
3231297f5675fd1f3454182331e0d24a9fbc1781daab7c6ca9bc765830f08e75
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/f12l1vzu/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7216
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
198.187.29.109 200 OK 12 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (59598), with no line terminators
Hash b268ed80c5f11ea6bf7987ab6b99eaa9
15add3ec9d5336462b9522a7584c66f58180ba28
96e7c84e13979da6573098cc76072f20884cacb1ce2e2786d8163104397dedf4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12280
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952
198.187.29.109 200 OK 1.7 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952
IP 198.187.29.109:0
File type ASCII text, with very long lines (5828)
Hash 41c0c7cff12d3f3f2ce44213a25594b0
3517ebb78f0309e1258ef42f7a5f50815df2b072
b1ef76b17de9df92043e1a7ec71155c2e0b65faf2c66f648621ea53f115d5127
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-31.css?ver=1668580952 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:42:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1714
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
198.187.29.109 200 OK 5.5 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
IP 198.187.29.109:0
File type ASCII text, with very long lines (44672)
Hash 8f04bad0f4c8e873351f42d1eff427cf
615033e0e6dfb6ece597a039074774978df636bf
e454e4922b625dc23068b90efcf57160108a5eae9935991df95a221984ea2f40
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-2.css?ver=1668582133 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:02:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5499
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
198.187.29.109 200 OK 287 B URL HTTP/2 www.glennmarkdizon.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
IP 198.187.29.109:0
Hash 9cfc60525bfc5d073088e68254b87b1a
1d85ee6b11cf58bf9a822e1faf03b2dba630ad12
de286cadb2def7a628c401906d9abfa5669015f51de399cbd5bc3a7867862145
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Mon, 08 Aug 2022 14:03:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 287
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-19.css?ver=1668580952
198.187.29.109 200 OK 1.1 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-19.css?ver=1668580952
IP 198.187.29.109:0
File type ASCII text, with very long lines (2398), with CRLF, LF line terminators
Hash c58a66ea1e0369666a12ccd49563e730
2bc6f3bb11d5645c6b58be8baae2e93ffcd6de6e
5900e442cb7163937c11c33d541bf37db64b45855c6f1193888a96a7e2c5c127
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-19.css?ver=1668580952 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Wed, 16 Nov 2022 06:42:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1080
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14534
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:59:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 79305
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 79919
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 45898
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 45823
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 79758
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 78911
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/86mths0t/41kvu.js
198.187.29.109 200 OK 34 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/86mths0t/41kvu.js
IP 198.187.29.109:0
File type ASCII text, with very long lines (65355)
Hash 9cce7f9a0b0947d811ae7881e41df566
d1384a96d6373b2cc907dad1ee5a996cbb46f53f
a8f1b4d1e14d4d828e50a38cf685372e51622a196eb5be37c47a2dac4ffead90
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/86mths0t/41kvu.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 33590
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/130m63we/41kvu.css
198.187.29.109 200 OK 5.1 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/130m63we/41kvu.css
IP 198.187.29.109:0
File type Unicode text, UTF-8 text, with very long lines (48579)
Hash 1455a28a05089d9a6751985dd94c2cfb
0437523688a53c0ada2da4c16bde6137794afaf1
a4df5226ecb5a2f19182bd787a2c534c00599f0bf691ac1950c9aa5d1b034ea1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/130m63we/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5073
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Shopify-pt2y1lg4yw6bpqq6vplb81dg49gf9ohpjilch8bofc.png
198.187.29.109 200 OK 4.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Shopify-pt2y1lg4yw6bpqq6vplb81dg49gf9ohpjilch8bofc.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash bb0d0772bad9b88c081ba7fca06fb12d
1b7acc88cfd137af21fcb0ff9abbfb768703105c
2b30b52b80fc37cf53eb939f18dcd399b8103c4b20e6166965dc94860201a4b0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-Shopify-pt2y1lg4yw6bpqq6vplb81dg49gf9ohpjilch8bofc.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 4282
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Wordpress-pt2y1nbtck8wcyngkqekd0wdb175p2p67rwbfs8w2w.png
198.187.29.109 200 OK 3.9 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Wordpress-pt2y1nbtck8wcyngkqekd0wdb175p2p67rwbfs8w2w.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 062bb3f100224787c8cac10a5d2c6be9
c3a5853928262f97cccd1b2fb26b4dc2ec186671
bfcb4f63fd7bc27818b902f77c88b46927df345b4eabda9917d2726e8dcbe517
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-Wordpress-pt2y1nbtck8wcyngkqekd0wdb175p2p67rwbfs8w2w.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3901
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/elementor-pt2y17ck4dn0vlao61hwomxj7hdx27xqhkt2a2wl0o.png
198.187.29.109 200 OK 4.0 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/elementor-pt2y17ck4dn0vlao61hwomxj7hdx27xqhkt2a2wl0o.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash e0d48d94a0a35ba69a314be3fec11d0d
500a7bc35022a71787837ae5ebea5871c327111f
2fa14fbb7bd5461d3af10e4a60658663059a47f33e776bd59322550ffa23380c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/elementor-pt2y17ck4dn0vlao61hwomxj7hdx27xqhkt2a2wl0o.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3986
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HTML5-pt2y1b3wvps66157k34eylzdl0vdx0cnu3f076r0bs.png
198.187.29.109 200 OK 2.8 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HTML5-pt2y1b3wvps66157k34eylzdl0vdx0cnu3f076r0bs.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash fb7d6a3ac5382e210a60a577eec114b0
ef2f93c62c461e173df98bc219088fe71d6e5844
25058f0da8b2c7977897f1ec0f87849968d74049568eaebe343b2741e0697f5f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-HTML5-pt2y1b3wvps66157k34eylzdl0vdx0cnu3f076r0bs.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 2783
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-CSS3-pt2y1988i1plit7xv2b5tmgge94nhm575u418mtso8.png
198.187.29.109 200 OK 2.9 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-CSS3-pt2y1988i1plit7xv2b5tmgge94nhm575u418mtso8.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 25bafe78742a2d6acd0ed82a7446fa7d
d45bd52541342b02f243bba3ed622bdcdc422603
19057893cd0d90ad5cd83bf7a4926804b76e315e0ab21e0df4792487c0d0513c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-CSS3-pt2y1988i1plit7xv2b5tmgge94nhm575u418mtso8.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 2897
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/namecheap-pt2y1s10aqfbz0gmtafp7hpo9yjzrk7twf5qu61x7s.png
198.187.29.109 200 OK 3.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/namecheap-pt2y1s10aqfbz0gmtafp7hpo9yjzrk7twf5qu61x7s.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 1564a44d7e81ddf5227dd4766aa508cb
e7046f47130b781bd3cac4bf2c8cbe298fb8c46f
dbbdd9028c8e464ff576e979c347635b5ff867e138c89cbfb35e01a889dc5c20
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/namecheap-pt2y1s10aqfbz0gmtafp7hpo9yjzrk7twf5qu61x7s.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3333
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Photoshop-pt2y1jkgl83r2isx6os231uixhpouaa8v9adioegrs.png
198.187.29.109 200 OK 3.8 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Photoshop-pt2y1jkgl83r2isx6os231uixhpouaa8v9adioegrs.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash ae4de1fa77573dd7a2ac69896c473065
9f4a6d1b9f8658f901808ecf998eb9b11577f502
205ecd1e43eca1def39d6a6c2075646e19c7d06a1e4976805ec3bb5497b906d8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-Photoshop-pt2y1jkgl83r2isx6os231uixhpouaa8v9adioegrs.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3768
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HostGator-pt2y1a62ovqvuf6kpkpse47wzn00pb8xhyripwsei0.png
198.187.29.109 200 OK 4.9 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-HostGator-pt2y1a62ovqvuf6kpkpse47wzn00pb8xhyripwsei0.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 9071bcb5a072e810ac270a86196f17fc
66c4075cae05c95075e3bf19f93082fa5646208c
6df6139a2c6985b6bb6973f99056bccf830c81d084c183b9004e277c7b9e7124
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-HostGator-pt2y1a62ovqvuf6kpkpse47wzn00pb8xhyripwsei0.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 4910
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/shopee-pt2y13l7d1hvl5g4rzveenvotxwg7fit5274cz25pk.png
198.187.29.109 200 OK 3.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/shopee-pt2y13l7d1hvl5g4rzveenvotxwg7fit5274cz25pk.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 765fdc719233f33a0cf8a98f3d99011c
c61f8531ad94e63e51a8e114e31b236a31bb26ba
933e91f9c6e053735b422e6d9b3c29480ddc4f4cf71ad4d27600854ed16297a6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/shopee-pt2y13l7d1hvl5g4rzveenvotxwg7fit5274cz25pk.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3336
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-WPengine-pt2y1p7hq8bh06kq9r7ti0fahsxw4gwmw17aec63qg.png
198.187.29.109 200 OK 3.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-WPengine-pt2y1p7hq8bh06kq9r7ti0fahsxw4gwmw17aec63qg.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash fcef63af0518b0d13041502544a3d231
577da15dc9e891c9349f2fe06178dad290808472
748cd20d28be695bafeaae7d1eb85c1cd407e6d88c58faaddadcf3c0d583628a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-WPengine-pt2y1p7hq8bh06kq9r7ti0fahsxw4gwmw17aec63qg.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3271
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/Untitled-2-pt2y15gvqpkg8ddeh0onjnem0pn6mtq9tbi3bizdd4.png
198.187.29.109 200 OK 3.4 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/Untitled-2-pt2y15gvqpkg8ddeh0onjnem0pn6mtq9tbi3bizdd4.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 1925d84fe3988cec8251658434b22a6b
066b07e1353baab964a68744b2c89633dd7485c1
b9cbf8fbeb39bf8709c71425a83803cd0b2fa18842fce009eaa9e5171d4424e2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/Untitled-2-pt2y15gvqpkg8ddeh0onjnem0pn6mtq9tbi3bizdd4.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3375
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Illustrator-pt2y1dxfg7w14v143mcao39rd6hhk3nuuhdgn0mtt4.png
198.187.29.109 200 OK 3.7 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/elementor/thumbs/logo-Illustrator-pt2y1dxfg7w14v143mcao39rd6hhk3nuuhdgn0mtt4.png
IP 198.187.29.109:0
File type PNG image data, 140 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 747b717b917ab49daae2e7d54e3c7d3e
8827fb28d9254a363724c965086ca8ec14ae641a
497cb2861e9ef3a90f9fa8b2b85ee201f4ee6f9b37fa9b9cdae0fab18de5832f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/logo-Illustrator-pt2y1dxfg7w14v143mcao39rd6hhk3nuuhdgn0mtt4.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Fri, 12 Aug 2022 09:53:19 GMT
accept-ranges: bytes
content-length: 3688
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/lx9btp4a/41kvu.css
198.187.29.109 200 OK 3.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/lx9btp4a/41kvu.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (36838), with no line terminators
Hash 3053705e86436f1507e5f5e3d9c78611
2cfe3797cb07db8ad1584986004a59755ceef7e5
e9d21ad4e49760e27bf26891ccd4ff0acd7acb7895d7ff234d25604d99ea4e32
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/lx9btp4a/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3345
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
198.187.29.109 200 OK 953 B URL HTTP/2 www.glennmarkdizon.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 198.187.29.109:0
File type ASCII text, with very long lines (3164), with no line terminators
Hash 4a7d773f90facef221a9cfa11bdb2973
5ecb3100b641b2af7f7d56533a14b23fcaf15787
0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 13:57:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 953
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
198.187.29.109 200 OK 2.7 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
IP 198.187.29.109:0
File type ASCII text, with very long lines (8185), with no line terminators
Hash ba446cbbeaa0ebc4d483c0af3c8011a9
b3db5d00f7eb45930023bee244092cd0cd38c1a8
54afa453a475042c53f887f928eccc98162050432fecb325caf3df562a484a44
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:12:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2731
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908
198.187.29.109 200 OK 626 B URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908
IP 198.187.29.109:0
File type ASCII text, with very long lines (1594), with no line terminators
Hash 32774a9240f7180491544bc57c2c34ac
b3c625489a17de8eacdc131a0c58dd0925497edf
646361968934ca7f7459cf22d81bc56f40e446376c49a94bbf22f4691aee7ed1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/essential-addons-elementor/eael-2.js?ver=1668610908 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 21:15:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 626
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
198.187.29.109 200 OK 6.9 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 198.187.29.109:0
File type ASCII text, with very long lines (25115)
Hash e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
198.187.29.109 200 OK 1.7 kB URL HTTP/2 www.glennmarkdizon.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 198.187.29.109:0
File type ASCII text, with very long lines (5477)
Hash fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1733
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1
198.187.29.109 200 OK 2.2 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1
IP 198.187.29.109:0
File type ASCII text, with very long lines (5191)
Hash e4998c3ccd0be231c124cc8b901c9fb3
48f7574440965c442de02067c8a830fd2ce88533
d7cb3803938f026316dd1ac3056c785c9a56148783a8d8180c1aa0bb0a5e7961
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2208
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
198.187.29.109 200 OK 2.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 198.187.29.109:0
File type ASCII text, with very long lines (4918)
Hash 42c158f69cb0e3a2a07a7e4aa108138d
a0887957851c1fb2a575429361e17a75d28f3f70
c97662942502af783f14fca6970a683f62d7d10f112e867c52f34d9b6a272d07
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2274
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
198.187.29.109 200 OK 10 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 198.187.29.109:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 72fd7d7a61961996172a081cb3eed6cb
7f6d4dc14ef08153606c57d374fd50b685ba383d
757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 87897
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2
216.58.207.195 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 34500, version 1.0\012- data
Hash faff0ee016116a366390902ac4445672
f0392ff9fc0b9fd3169662810504bb0108857e4a
7537368c23adecd664ec589e81d5279bbc5ff02c09d52247daf460e2046c4cdc
GET /s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 03:40:18 GMT
expires: Wed, 22 Nov 2023 03:40:18 GMT
cache-control: public, max-age=31536000
age: 231527
last-modified: Mon, 18 Jul 2022 19:24:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 90167
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12908, version 1.0\012- data
Hash 16665b9f4631861e47e30e227eea4da4
bf293bdca2aea57481dd3055cbfc8ae63e132302
3ac7f47be06ed56cebf7d19f23386fa58144a3fec5dfb68a82edcecc20df444a
GET /s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 20:06:17 GMT
expires: Tue, 21 Nov 2023 20:06:17 GMT
cache-control: public, max-age=31536000
age: 258768
last-modified: Wed, 27 Apr 2022 16:11:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Hash 5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:39:55 GMT
expires: Sat, 18 Nov 2023 23:39:55 GMT
cache-control: public, max-age=31536000
age: 505150
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:50:27 GMT
expires: Thu, 23 Nov 2023 21:50:27 GMT
cache-control: public, max-age=31536000
age: 79718
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdQhfsCRgqA.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdQhfsCRgqA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12920, version 1.0\012- data
Hash 4e9bb95d9d1d1977ad49de19cc440798
f329c5954156fda7ad91aca3f7176825e1deeaa7
7ca4f53e3c51595a3147ed5b6c325af58291810132602f0b2bc9305faeea770b
GET /s/teko/v15/LYjCdG7kmE0gdQhfsCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 23:59:27 GMT
expires: Thu, 23 Nov 2023 23:59:27 GMT
cache-control: public, max-age=31536000
age: 71978
last-modified: Wed, 27 Apr 2022 16:12:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 598808
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
198.187.29.109 200 OK 2.4 kB URL HTTP/2 www.glennmarkdizon.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 198.187.29.109:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/6jw9eva4/41kvu.css
198.187.29.109 200 OK 876 B URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/6jw9eva4/41kvu.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (11736), with no line terminators
Hash 75770153fafe35685a4fd3af6fc83d2d
77bfd1b39a070d3dabfa7d0994e737638871f540
2b85df6dfce745a3560d171f592e0264c9d3d9ac67e28d45da8b3a17f7fdbb17
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/6jw9eva4/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 876
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/cache/wpfc-minified/fptr1xbo/41kvu.css
198.187.29.109 200 OK 2.4 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/cache/wpfc-minified/fptr1xbo/41kvu.css
IP 198.187.29.109:0
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpfc-minified/fptr1xbo/41kvu.css HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: text/css
last-modified: Thu, 11 Aug 2022 14:44:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
198.187.29.109 200 OK 6.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 198.187.29.109:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:43:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
198.187.29.109 200 OK 1.6 kB URL HTTP/2 www.glennmarkdizon.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 198.187.29.109:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
198.187.29.109 200 OK 3.7 kB URL HTTP/2 www.glennmarkdizon.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 198.187.29.109:0
Hash f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:43:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1
198.187.29.109 200 OK 5.5 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1
IP 198.187.29.109:0
File type ASCII text, with very long lines (21520)
Hash f0e84537d354c9d7fb417acba75f1653
951a99450e68b70dd4fe96d2e9d78bac403c300e
5583cd2973b67e37163e8bbc5c83e3d0f5b73e0457ec7b3d0d1748b6ea6e5d3a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5541
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
198.187.29.109 200 OK 2.9 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 198.187.29.109:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
198.187.29.109 200 OK 6.8 kB URL HTTP/2 www.glennmarkdizon.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 198.187.29.109:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:43:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
198.187.29.109 200 OK 14 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 198.187.29.109:0
File type ASCII text, with very long lines (40474)
Hash 80ea5e6364819060d3ff0eb352c659b7
f0be9c1c7847452e72308179235c6174c996233b
adb011166bf2c942b960995ea4fc1c74a7981c5d025164ee8935db98ddb07b19
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14013
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1
198.187.29.109 200 OK 6.4 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1
IP 198.187.29.109:0
File type ASCII text, with very long lines (24753)
Hash d96ee6f32f0e67ba70c27a29700c0115
587a4e1c432a35a9c53ba3380b8aa204a176fbd4
86e714e095b0a12d1cbcf4f7bfade2978db9e3010821400709ec154ba343aede
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6449
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1
198.187.29.109 200 OK 1.4 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1
IP 198.187.29.109:0
File type ASCII text, with very long lines (3720)
Hash 28591e063f51afa032f2605cfb94e626
abdf45f59842867e3e07a79b902b59b53cdb02c7
a9801cf7c307371a05e3353dcf3da66ae32588136a92732a88d0745b8e08d100
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.1 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1442
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/glow.jpg
198.187.29.109 200 OK 153 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/glow.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x1765, components 3\012- data
Size 153 kB (153099 bytes)
Hash c209af520cd47ed4f20470621981b2e4
0a02fc1ebdaefdde41c2c7ffadf5202a64252900
27c9a0749205167838c52ff9de0422fc39698683af1c72875f1ebf2c2772e871
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/glow.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:48 GMT
accept-ranges: bytes
content-length: 153099
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/go.jpg
198.187.29.109 200 OK 185 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/go.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x1897, components 3\012- data
Size 185 kB (185417 bytes)
Hash b84f3f0c427735cba8b8a0fe78557a7b
2766dd223c34865ea7696b6d24c5a78f948182c9
017a5a0a0f0343549f728d37b827f94748feaeceddfcf97746b9fdfbd4f1af56
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/go.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 09:32:32 GMT
accept-ranges: bytes
content-length: 185417
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/bg.webp
198.187.29.109 200 OK 50 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/bg.webp
IP 198.187.29.109:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9fcf1463c71292f02f3c204f637e05b1
e8399d14c60f329c97c0cc2700a9d545aac4bf51
eb385a1d07c938205381ddba2642b44b06c1089e5478ff9c8106d6e61281457a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/bg.webp HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/webp
last-modified: Wed, 10 Aug 2022 21:49:14 GMT
accept-ranges: bytes
content-length: 50346
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/dmp.jpg
198.187.29.109 200 OK 238 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/dmp.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x1853, components 3\012- data
Size 238 kB (238029 bytes)
Hash 5c3e5995264dcff7048d5172bc8d6fca
9be54a3966d9e986fbda64ff9dd4b41c983afcc7
40bc3f4431bf873d953b805d84d15db8187f6a96b2b0bcb12709346868beae71
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/dmp.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:37 GMT
accept-ranges: bytes
content-length: 238029
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/web-design.png
198.187.29.109 200 OK 17 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/web-design.png
IP 198.187.29.109:0
File type PNG image data, 256 x 256, 16-bit/color RGBA, non-interlaced\012- data
Hash 3e3db35e684d78168abce6cb1524b3b3
9c0afc30bdf6f5e31ec1bee7727ba228795d8681
0d6efa5c1b5bb5c2047bb05d6978e1310e14edc330da92a3bcab0af93ffd47c4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/web-design.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Wed, 10 Aug 2022 18:10:51 GMT
accept-ranges: bytes
content-length: 17423
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/Industry-Bold.woff
198.187.29.109 200 OK 22 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/Industry-Bold.woff
IP 198.187.29.109:0
File type Web Open Font Format, TrueType, length 21988, version 0.0\012- data
Hash 7625d0cbac06b1c7f639d3e5b19dbd2e
222614bc82fff15ecdc843927e0707d97eb7261e
3a9054fdd24aea91754ac01e4ca2bab64622c02900c4dec131be8789aedbf367
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/Industry-Bold.woff HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-31.css?ver=1668580952
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: max-age=A10368000, public
content-type: font/woff
last-modified: Wed, 10 Aug 2022 14:47:54 GMT
accept-ranges: bytes
content-length: 21988
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5519
Cache-Control: max-age=111138
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:07 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 02:51:25 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.glennmarkdizon.com/wp-content/uploads/2022/08/ui.png
198.187.29.109 200 OK 27 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/ui.png
IP 198.187.29.109:0
File type PNG image data, 256 x 256, 16-bit/color RGBA, non-interlaced\012- data
Hash a1775be50c6146a33e111eb99e4c0748
a87376ac5da476b9107e35160651efaa4f97a646
6289975037106e189a89cafeff127d0cfdb34db504df3d16bba0c35a6bbcac0d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/ui.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Wed, 10 Aug 2022 18:10:50 GMT
accept-ranges: bytes
content-length: 27319
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/2.jpg
198.187.29.109 200 OK 213 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/2.jpg
IP 198.187.29.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1894x972, components 3\012- data
Size 213 kB (213053 bytes)
Hash 217c9ab0419a92e5faca541e47d46596
c64ada491942b98c079a1a488e805f93b1ae503d
74fd72bcd233e7ccb122f9b4b8cff9b90cc7c9c44a3d1ac22e99fc8a0c0a26eb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/2.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:14:37 GMT
accept-ranges: bytes
content-length: 213053
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
assets.calendly.com/assets/booking/js/locales/en-5ce89ddb.chunk.js
172.66.43.26 200 OK 9.0 kB URL HTTP/2 assets.calendly.com/assets/booking/js/locales/en-5ce89ddb.chunk.js
IP 172.66.43.26:0
File type Unicode text, UTF-8 text, with very long lines (25489), with no line terminators
Hash 35b3bf3e63c7324c2d2267fa3745b993
da0386c29eb21020fa5574ccdbf7c3e53ca0a271
9f61ed30601ef521806c5fa50e186a798631ab1ce258016ff49425903d155f85
GET /assets/booking/js/locales/en-5ce89ddb.chunk.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:07 GMT
content-type: application/javascript
cf-ray: 76f4b926ff2bb529-OSL
age: 284553
cache-control: public, max-age=31536000
etag: W/"5777d56f8757afb041bd71777ba2c269"
expires: Fri, 25 Nov 2022 19:59:07 GMT
last-modified: Mon, 21 Nov 2022 12:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
198.187.29.109 200 OK 1.2 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP 198.187.29.109:0
File type ASCII text, with very long lines (3262)
Hash 1f95630d4f2fb8bf9de5439bbcbd90e7
b54331bd36ece8ecce75a79317cf580ec4db55c8
956f6c7592a93b3b069f9a1958cb992ff789a6e9c40aae30f68e0a858d9dd02a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1172
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js
198.187.29.109 200 OK 2.6 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js
IP 198.187.29.109:0
File type ASCII text, with very long lines (7828)
Hash 84d2b938cc5d8f6afe1819a456eca7cf
19c881484ea45407eed28135f284448d1ae26388
c6eece1ddff8d9c24132eba8970829a3b029777806da856193b11639f9229bce
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/animated-headline.ffb4bb4ce1b16b11446d.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2613
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
198.187.29.109 200 OK 599 B URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 198.187.29.109:0
File type ASCII text, with very long lines (1320)
Hash b59e163b50b8e62a7e08b4ce88241b48
4f45b1e9e0270133c35c43a1a33d5b2d292b8693
73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
198.187.29.109 200 OK 1.1 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
IP 198.187.29.109:0
File type ASCII text, with very long lines (2738)
Hash 342e83f267626b6f21cf7991fec9cf80
c05d9303d2d4e452fbbea9b3f9f95971619e81ce
83ccf5a8047707030e4ee4d08611ec393a84a8ff9ebc24e1798e54716af23076
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1106
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/gmd-logo-with-white.png
198.187.29.109 200 OK 56 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/gmd-logo-with-white.png
IP 198.187.29.109:0
File type PNG image data, 494 x 348, 8-bit/color RGBA, non-interlaced\012- data
Hash a44ca03f27dda10a0eece2ccb8bfe4db
2da349e8768d68b51ecdfa95cc671a7468edbc7f
8c949245ee63715a22e03bade20eefabafb3ee3712b16994bcecb6ba54d767f5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/gmd-logo-with-white.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Wed, 10 Aug 2022 16:02:04 GMT
accept-ranges: bytes
content-length: 55618
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
198.187.29.109 200 OK 77 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 198.187.29.109:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 76764
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/kelly.jpg
198.187.29.109 200 OK 235 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/kelly.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x1868, components 3\012- data
Size 235 kB (235216 bytes)
Hash cef725b86a14fea4b1e869390979a3c7
37088d3800f3141fd86ee1ff3b7ab091532dcb7e
da8115dd5f79ca2bac681b421296720cb16aac71f7e3ed41b92b3c6f6a1dbb0e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/kelly.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:13 GMT
accept-ranges: bytes
content-length: 235216
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
198.187.29.109 200 OK 93 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 198.187.29.109:0
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/cache/wpfc-minified/2qbsyya5/ab39e.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/font-woff2
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-length: 93372
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
198.187.29.109 200 OK 78 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 198.187.29.109:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.glennmarkdizon.com/wp-content/cache/wpfc-minified/ehs6yavo/41kvu.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 78196
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/sty.jpg
198.187.29.109 200 OK 277 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/sty.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x2179, components 3\012- data
Size 277 kB (276920 bytes)
Hash bd8118714e71b5e819e9db8402ad52d4
9d80dd44e264059d6e79d6f5635f2a66d2b8a6aa
3be8eb8965b5c3e6207819066e7efc15357a2fad5d1d700c0732dd7506db0681
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/sty.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 09:32:35 GMT
accept-ranges: bytes
content-length: 276920
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js
198.187.29.109 200 OK 1.6 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js
IP 198.187.29.109:0
File type ASCII text, with very long lines (4970)
Hash 97e2cedd69ff056c2bf91d5a9d73021a
b1e0fde13d2eb1fa820481cdc33ce04d25798212
077370b64847099a0ed7ea5c82e7f4f55291d360451210877a2374fe26e16f25
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 06:34:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1593
date: Thu, 24 Nov 2022 19:59:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/dark-grey-black-slate-texture-with-high-resolution-background-natural-black-stone-wall-e1622754926233.jpg
198.187.29.109 200 OK 168 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/dark-grey-black-slate-texture-with-high-resolution-background-natural-black-stone-wall-e1622754926233.jpg
IP 198.187.29.109:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 1300x866, components 3\012- data
Size 168 kB (167936 bytes)
Hash d78b950a8091a65a540d3461b42dbebc
b8af228b22ebc617c4d3fface4758f408f0644d1
5d88015b2627fadb11ab53779cf0c45b79ae90ccc169dfa01927ce8b23b718de
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/dark-grey-black-slate-texture-with-high-resolution-background-natural-black-stone-wall-e1622754926233.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Wed, 10 Aug 2022 17:14:45 GMT
accept-ranges: bytes
content-length: 167936
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64 200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (21747)
Hash 7b4564ae957eef3a8302343f44c5cfb3
296c38b2ae23a31d80201b32a38c02e75de27c91
15155c8652fe9654c2d2813743ae09ff93a469d790d3424a6b090f876b3d9bb2
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:07 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
last-modified: Tue, 22 Nov 2022 16:39:23 GMT
etag: 0x8DACCA81CF94662
x-ms-request-id: 612b53d7-501e-0067-08d0-fe6b41000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65382
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b9295ba2b50f-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b9d9f8ed6c8abffda48365f6bc32b84b
33ad802992d04ae77047e05a68120cb4e42a00e6
7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.segment.io/analytics.js/v1/rfvnxd6wnn/analytics.min.js
54.230.111.79 200 OK 27 kB URL HTTP/1.1 cdn.segment.io/analytics.js/v1/rfvnxd6wnn/analytics.min.js
IP 54.230.111.79:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ee95babc0355098f897fa1f255f8f792
8465690a970b1c8b2633ae047a981fcf81b39412
395c44a432d4d983f5731e2905f503a2020742a43e52b41b23c6e7afb6d6d85b
GET /analytics.js/v1/rfvnxd6wnn/analytics.min.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 23 Nov 2022 02:37:15 GMT
x-amz-version-id: mRFzy5lg.Mdn5xPxPbasxX8N.ivxAIuX
Server: AmazonS3
Content-Encoding: br
Date: Thu, 24 Nov 2022 19:59:07 GMT
Cache-Control: public, max-age=120
ETag: W/"bcf6e40a47c7245c7cc594ffdfdc8766"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: b_yWOaehf0gy552G933wy3Jb5jf9X_mOBeVbEmMeCTTjShHTrbXDTA==
Age: 21
www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n
142.250.74.131 200 OK 616 B URL HTTP/2 www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n
IP 142.250.74.131:0
File type ASCII text, with very long lines (977), with no line terminators
Hash b3263bd0dc85f12157aaa26f96a859c0
df6b8b8e21bd4710f71745807022ae385d2357b3
f0d7a906206e04ab3457a2196be1a25cb72af9b86c622deacda44aed925e5276
GET /recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 24 Nov 2022 19:59:07 GMT
date: Thu, 24 Nov 2022 19:59:07 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/816.jpg
198.187.29.109 200 OK 327 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/816.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x1999, components 3\012- data
Size 327 kB (326832 bytes)
Hash bdaf57ace22465a60f4ac5b067a3f6ca
86da152b1666f57603b5f4abce7aa11c064becd1
23272d33b7ddbe3c034fdad9c19c764d3ab4982bdc4fc4fc0f1ae04253faaec8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/816.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:34 GMT
accept-ranges: bytes
content-length: 326832
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/miss.jpg
198.187.29.109 200 OK 398 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/miss.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x2402, components 3\012- data
Size 398 kB (397753 bytes)
Hash 6118a0498f8a6aeae35b09a7f0619b8c
79f02403e76a0e7b36d25732a8f521f8f6bc10a9
a89aaabde960baae6b75f7181175097172821aa0909e09583775b3b0bff3c60a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/miss.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:25 GMT
accept-ranges: bytes
content-length: 397753
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b9d9f8ed6c8abffda48365f6bc32b84b
33ad802992d04ae77047e05a68120cb4e42a00e6
7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.stripe.com/v3
143.204.55.68 200 OK 100 kB IP 143.204.55.68:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 100 kB (100111 bytes)
Hash f26b30a01526e9ff2d25b75998afc060
03a25b8b2516b7b0cd176443c02a707928c2f169
584f44062fc51e5e462ff4f0f63955a72cd97420d7f97d0612a8715e2fcde9e0
GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 04:35:52 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Thu, 24 Nov 2022 19:59:08 GMT
cache-control: max-age=60
etag: W/"0811280c436e51c657484d591864732e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X9ewMyJEgwPHCRxUyB_fAI_znXgHIju-pS2DwAQIV37U09NSJIRymA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 64bacbb678651eb2188087ef97a8d3ba
b60612b4347f06f6252787c9818d0abf23142a8c
52da706502df2f837bf52848fe06737bb2c3d2bfd5f099650a6c7491164c5b2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:08 GMT
Last-Modified: Thu, 24 Nov 2022 18:14:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.27.85 200 OK 87 kB URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.27.85:0
File type JSON data\012- , ASCII text, with very long lines (65383)
Hash 1261714cb9b0baf8f8b2d836fa0e8f16
b6ed581ab182395b3e97fb3b3a3fe3500cc4073a
e54bf5a9997c2d8d029df7967f99df7d85cbbe069b76e590f8e42bde6bfa0fb4
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f4b92b2a861c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json
104.16.148.64 200 OK 21 kB URL HTTP/2 cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json
IP 104.16.148.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 53c569621461f0386d693c493281e2a1
5c689aca672259108d4e6d3346973f229f308f38
99e7bf0855166fa1881fee477c05906fe832677584a62507e57d7a774f76fe4b
GET /consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/x-javascript
content-length: 20906
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: U8VpYhRh8DhtaTxJMoHioQ==
last-modified: Fri, 23 Sep 2022 14:23:26 GMT
etag: 0x8DA9D6F2E2A99CC
x-ms-request-id: 1008f8a9-201e-0128-685f-cfe90c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 76357
expires: Fri, 25 Nov 2022 19:59:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92bfb76b511-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json
104.16.148.64 200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (10856)
Hash cc948eb637569cf77ed166fd88c3725f
1f4a0b0572bec956b6cf690649a2d02b84bb57e2
33dfefa3180070c5a5006930180d07fd4248aa69b6b82d81e246db42ce82bb26
GET /scripttemplates/6.35.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/json
content-length: 2959
content-encoding: gzip
content-md5: zJSOtjdWnPd+0Wb9iMNyXw==
last-modified: Mon, 06 Jun 2022 06:20:56 GMT
etag: 0x8DA4784B7908BBB
x-ms-request-id: 76124876-a01e-0176-5b81-791a0f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 76357
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92c4c4db511-OSL
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/hero-image.jpg
198.187.29.109 200 OK 13 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/hero-image.jpg
IP 198.187.29.109:0
File type gzip compressed data, was "otPcPanel.json", last modified: Mon Apr 25 18:47:33 2022, from Unix\012- data
Hash 9246cb73c01d3b10b1067a8b4e7010a6
5565240d8384405f853a078aa9c436d33748caa0
5aca462cb4e9f0fd04a42f030a23531e9a8f937d0aaa697b25af883e92a94841
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/hero-image.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/wp-content/uploads/elementor/css/post-2.css?ver=1668582133
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Wed, 10 Aug 2022 16:22:55 GMT
accept-ranges: bytes
content-length: 507784
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
198.187.29.109 200 OK 34 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 198.187.29.109:0
File type ASCII text, with very long lines (65280)
Hash 83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: application/javascript
last-modified: Mon, 01 Jun 2020 20:47:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34004
date: Thu, 24 Nov 2022 19:59:07 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
104.16.148.64 200 OK 4.8 kB URL HTTP/2 cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP 104.16.148.64:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (20550), with no line terminators
Hash 2707a5bc273fae34697e5fc4f0fbccd0
e286f1402ca0fcb300426479deb9f98c2aaccc5d
87869b9d7343e8c3f925baabb5f396aeb1ee940710c0eec6eace4a39a9d7a329
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Tue, 22 Nov 2022 16:39:33 GMT
x-ms-request-id: 96b32c63-f01e-000c-6fd7-fe3617000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65385
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92cca22b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
d3v0px0pttie1i.cloudfront.net/uploads/user/logo/734293/c6cf98c8.png
143.204.42.220 200 OK 36 kB URL HTTP/1.1 d3v0px0pttie1i.cloudfront.net/uploads/user/logo/734293/c6cf98c8.png
IP 143.204.42.220:0
File type PNG image data, 345 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b3009082b340ab48d5150568ca107e4
ec34b346c51c4a6bd88938cc591b84e0476c8a8b
6d4a2ecfccda2e52de0eeeab44b96183b41f02e3c1a678df0f03cb954bfdcb70
GET /uploads/user/logo/734293/c6cf98c8.png HTTP/1.1
Host: d3v0px0pttie1i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 36044
Connection: keep-alive
Date: Thu, 24 Nov 2022 19:59:09 GMT
Last-Modified: Thu, 11 Aug 2022 02:15:06 GMT
ETag: "8b3009082b340ab48d5150568ca107e4"
Cache-Control: max-age=315576000
x-amz-version-id: tnADKw9y2VC2QRPVHdFS0XZartmyATUJ
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vpy9qTLQnPu_poXnRtWRwFODoS14evhj5lVPTArGBgWgR2gFFomKqA==
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 36926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/734293/18d48b11.png
143.204.42.220 200 OK 71 kB URL HTTP/1.1 d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/734293/18d48b11.png
IP 143.204.42.220:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e6b45d0a2e44112417afa20953afcf8
eadf3609c7ecdb1e0ccdba411ab520aad8707150
188ef70124c556c63f58bd4d748384958331d0cea81a18f8ddd130fbfd64ff92
GET /uploads/user/avatar/734293/18d48b11.png HTTP/1.1
Host: d3v0px0pttie1i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 70579
Connection: keep-alive
Date: Thu, 24 Nov 2022 19:59:09 GMT
Last-Modified: Thu, 26 Nov 2020 19:42:29 GMT
ETag: "7e6b45d0a2e44112417afa20953afcf8"
Cache-Control: max-age=315576000
x-amz-version-id: WW6ZFP9OnhePw_DwmuzGQycS0ucADPrI
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q-iF7q52Zyrw2zubo9Qzb1vjJMxchlbIYzJHXifwsuM_YFsz_O_wVQ==
www.glennmarkdizon.com/wp-content/uploads/2022/08/genesis.jpg
198.187.29.109 200 OK 1.4 MB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/genesis.jpg
IP 198.187.29.109:0
File type JPEG image data, progressive, precision 8, 600x2539, components 3\012- data
Size 1.4 MB (1445764 bytes)
Hash 92c763f8a690570c3a3dbec0d04ee344
1d20f0542adad35f1ae68935e6bc8df393383615
e420f894994f026270d4984c0a65722ec31ce90baa60e08da53cb825e02f6247
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/genesis.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:45 GMT
accept-ranges: bytes
content-length: 1445764
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/cropped-fav-32x32.png
198.187.29.109 200 OK 1.3 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/cropped-fav-32x32.png
IP 198.187.29.109:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b9b7b8537cfdf2f467e9df7b9600b20
1211fc909f1a2b1df2ef6e46924c0d7f1dfd6830
157fe729b2ce5fff2197f8f623d587ada1974da1ec1a9938da2c6ac2ad53f849
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/cropped-fav-32x32.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/png
last-modified: Thu, 11 Aug 2022 14:42:21 GMT
accept-ranges: bytes
content-length: 1260
date: Thu, 24 Nov 2022 19:59:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
calendly.com/api/booking/event_types/BDGHPFPV3N67WYM5/calendar/range?timezone=UTC&diagnostics=false&range_start=2022-11-24&range_end=2022-11-30&embed_domain=www.glennmarkdizon.com&embed_type=Inline
172.66.43.26 200 OK 10 kB URL HTTP/2 calendly.com/api/booking/event_types/BDGHPFPV3N67WYM5/calendar/range?timezone=UTC&diagnostics=false&range_start=2022-11-24&range_end=2022-11-30&embed_domain=www.glennmarkdizon.com&embed_type=Inline
IP 172.66.43.26:0
File type JSON data\012- , ASCII text, with very long lines (9051), with no line terminators
Hash 3c5e067b4c60b6ad1f89bb8237fd6c4a
7120fbdc4363a58961d3932f56c7ebbcdfd44624
5b2a9943ce4903350a7357d17368a0a8c932e8444ee40f3538d4151ac4c9f5fb
GET /api/booking/event_types/BDGHPFPV3N67WYM5/calendar/range?timezone=UTC&diagnostics=false&range_start=2022-11-24&range_end=2022-11-30&embed_domain=www.glennmarkdizon.com&embed_type=Inline HTTP/1.1
Host: calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline&month=2022-11
X-CSRF-Token: eDjMnBFTPGepi5aLt1JeomKVnWVval7VN3GUABwzjlKPiKXPspOmbx93VCjXcK4PIVz7Utgkl87YSuo0MW7LLg
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76f4b92a2d0db529-OSL
cache-control: max-age=0, private, must-revalidate
etag: W/"b9391f318a3e464089c19baf88e246f4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: 8f6c44ca54db5a24ba228bb7ccb1ea01
x-runtime: 0.318562
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.segment.io/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js
54.230.111.79 200 OK 2.7 kB URL HTTP/1.1 cdn.segment.io/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js
IP 54.230.111.79:0
File type ASCII text, with very long lines (8508)
Hash 1f4dc513a43a6127d9c445f7c51e3d1a
fa22a5ff67815833a1ba78ccf14fbf845163b5e7
5597751e6f24ee5c5ce738d676eaf9ee2c206f5b685a83c266db9e415bf77ac0
GET /analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 20 Nov 2022 06:42:31 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 20 Nov 2022 04:05:11 GMT
ETag: W/"3fe4d92339c7d21c57f0044fcdcf5274"
Cache-Control: public,max-age=31536000,immutable
x-amz-version-id: BhXw106yreYvIp1G4_0Aby1fMn2RRwDM
Server: AmazonS3
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xSb6pchGM9L9J096zSZAEhOvpiOLA_L7dnQiZqmoDUyHXVXIVBL7Ug==
Age: 393398
cdn.segment.io/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
54.230.111.79 200 OK 759 B URL HTTP/1.1 cdn.segment.io/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
IP 54.230.111.79:0
File type ASCII text, with very long lines (1508)
Hash 3d4b031e451f32f4995c5636eb2e9a2c
81da1ed66c50ed669f55223d0d25ff4ca70ef2de
129829afb5f8e69b51d6e4bc36b984f5f75a4db3a68f516090fd24632fbb334d
GET /analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 29 Jun 2022 22:58:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 29 Jun 2022 22:36:31 GMT
ETag: W/"3e448afdfea355c0f19700d04431ce7d"
Cache-Control: public,max-age=31536000,immutable
x-amz-version-id: 8IDMvv7_EUs2Qtk.QHOxLzoE3aR.o_xp
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jb2IoNCgX2lknzpUZ1lMLpBAbucNmyWRtI2Ef35FtX4M1ZPAk8Oszg==
Age: 12776445
cdn.segment.io/next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz
54.230.111.79 200 OK 1.3 kB URL HTTP/1.1 cdn.segment.io/next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz
IP 54.230.111.79:0
File type HTML document, ASCII text, with very long lines (2755)
Hash 5749d02af60dbfc1f75ad8995c26282b
45ab2a3bb35cfe92ed113fd5127d6f87dab90285
39868881163d6156e67642dcae7bd345c2294d5d834ca11462c5209be68c5d72
GET /next-integrations/integrations/pendo/1.1.3/pendo.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1295
Connection: keep-alive
Date: Mon, 24 Oct 2022 06:06:15 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 19 Sep 2022 21:38:20 GMT
ETag: "5749d02af60dbfc1f75ad8995c26282b"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: YGzypEO4YcfB5iLv40HrvB7qFMLMEWuT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IKNexlRdHKdBWvnksUW48L7sDpQwr3sEvwzMet9bovwkVvYJVGRBHQ==
Age: 2728374
cdn.segment.io/next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz
54.230.111.79 200 OK 1.7 kB URL HTTP/1.1 cdn.segment.io/next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz
IP 54.230.111.79:0
File type HTML document, ASCII text, with very long lines (3723)
Hash aa7430c79694e6aab503a222c1b8cf22
09cd72fc1d557ee98ed04150cc6b75918e331211
7a66306bea19aa57277a29ae51e3452aba6f4f3c102f013076a6b01966f88604
GET /next-integrations/integrations/heap/2.1.2/heap.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1671
Connection: keep-alive
Date: Sat, 07 May 2022 03:04:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Thu, 21 Apr 2022 20:31:57 GMT
ETag: "aa7430c79694e6aab503a222c1b8cf22"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: IEr5b0YMf8gXJe8_msNsrr6tlk_T2o2g
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dDcY0IoxSyzXzIZiyE3gnhTDEMnbIeRb9m-uAKg8dOHZDw7GvDgsbg==
Age: 17427254
cdn.segment.io/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
54.230.111.79 200 OK 2.6 kB URL HTTP/1.1 cdn.segment.io/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
IP 54.230.111.79:0
File type ASCII text, with very long lines (7007)
Hash 6ac19b71da72b08483644c17ed6a4986
882ae07fffd74a49df8c5a1fa57b67667fd4a47f
29db086ab143b305f4c9de9fce4b11259b1897d01e0b7dcb6e68ba13fa972ffc
GET /next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2586
Connection: keep-alive
Date: Mon, 03 Oct 2022 19:04:32 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 19 Sep 2022 21:38:20 GMT
ETag: "6ac19b71da72b08483644c17ed6a4986"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: LWiuuaOh3MJMcM_mbmFM_xQOt6bARUXq
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NvDJRqBUltBT3z1lb9frJHGR5P162-FyRH9YCxyOnqzm50OSKybuNg==
Age: 4496077
cdn.segment.io/next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz
54.230.111.79 200 OK 4.7 kB URL HTTP/1.1 cdn.segment.io/next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz
IP 54.230.111.79:0
File type ASCII text, with very long lines (18430)
Hash baefe3076be23f00dcbc1db02d893b65
ebad0d70656d189335183d0efccd5ce1fd64a52b
54a7c0e7f637f6c76557fa7729e9d731a450b83b02acec8d5ed849ed259821e1
GET /next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4666
Connection: keep-alive
Date: Mon, 29 Aug 2022 12:25:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 08 Aug 2022 17:49:04 GMT
ETag: "baefe3076be23f00dcbc1db02d893b65"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: 5Ji0XTprX36hP1z8XxzwyA3DMZ.GWCip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PVw8zGEfUMlH3OSvzxluLKwig19DF5g6IxJCu0oJFPN5ZVIP7-1xCg==
Age: 7544037
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.227.53 200 OK 55 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 441723b72633b1ac9757ad7c63168005
806166ca9ebb5839dd90a5e5c9335e3e0b18c169
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8fceb15c2864c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0DM1/YwAAAACWlURDe6ldRLp8me6UdNBbT1NMMjMxMDUwMjA0MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Thu, 24 Nov 2022 19:59:08 GMT
X-Firefox-Spdy: h2
cdn.segment.io/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
54.230.111.79 200 OK 22 kB URL HTTP/1.1 cdn.segment.io/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
IP 54.230.111.79:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 7741fd16ad2418cd17ab981f8207b106
13d45dddf2bc6331a72ea781098dafdf715a13e7
c66490dc7f609c24fb66b5aeea8b7142f0d183d2075381daa817002b3c25b375
GET /next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 22174
Connection: keep-alive
Date: Sat, 14 May 2022 05:34:48 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Thu, 21 Apr 2022 20:31:55 GMT
ETag: "7741fd16ad2418cd17ab981f8207b106"
Cache-Control: public,max-age=31536000,immutable
Content-Encoding: gzip
x-amz-version-id: Oj6u2z19LDY4aY4JvHDnjoL7UTBjFuHg
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1rdpZH7GcvGKRkapZ3ZyYF969WWwsd_JlATTCxrXTj9BoJDS8RCLSw==
Age: 16813461
cdn.segment.io/analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js
54.230.111.79 200 OK 600 B URL HTTP/1.1 cdn.segment.io/analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js
IP 54.230.111.79:0
File type ASCII text, with very long lines (1141)
Hash 5760af7d8073353cc4076612fbbbeecb
e703a1601c03f4c86bce79684892f07a305abc03
6079b014d79b381b329a8618d0ed0eb01583645457e180c13a68ed87b91b3fd7
GET /analytics-next/bundles/remoteMiddleware.bundle.6e91ab7aa7b9f5c2b127.js HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 30 Jun 2022 05:34:28 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 30 Jun 2022 00:39:24 GMT
ETag: W/"c1cb8e289adb2c1ec05b08a6ef25cfaf"
Cache-Control: public,max-age=31536000,immutable
x-amz-version-id: 4uJPXFGNAqMZ3w.PoxWEpPGFTaCNeK4f
Server: AmazonS3
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7iqn-5vNqDso55BlWcrrFWmRZiidDqsbvsfLKqEBEJEZdPAoxH4YvQ==
Age: 12752681
cdn.segment.io/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz
54.230.111.79 200 OK 778 B URL HTTP/1.1 cdn.segment.io/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz
IP 54.230.111.79:0
File type ASCII text, with very long lines (1751)
Hash 3f0dbc48d4537cdf84414eec13b0164c
daa31dc393ac79c71c464e392dc13a8c4cfff84e
9161f093e2632d08483aba9b8e0b4dab30032316a3c29278e767d69760d11236
GET /next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz HTTP/1.1
Host: cdn.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 778
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Last-Modified: Mon, 24 Oct 2022 18:47:59 GMT
Content-Encoding: gzip
x-amz-version-id: zvuUQsgnPozOyEKaxRb.XwF.TmEL8OXS
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 24 Nov 2022 05:34:59 GMT
ETag: "3f0dbc48d4537cdf84414eec13b0164c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tZzu6A56GS4p-ebdgycywG0Obn6ji30dDDBMjbSbnbTcIaHQoKJt2w==
Age: 51952
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
143.204.55.68 200 OK 200 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 143.204.55.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 93afeeb17bc37e711759584dbfc50d47
bbbc9e5d68854172c90b993064df560996a2a433
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 24 Nov 2022 19:06:14 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d8zg0FMvwPAiZ_TOPN2hE9JEnhFLsYIwVh5AuWf8ocLwhRXe_ZMnAQ==
age: 3187
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/GMD-Logo.png
198.187.29.109 404 Not Found 11 kB URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/GMD-Logo.png
IP 198.187.29.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 39114d191218ef1bc706146e32820db1
586b76c423d1b2a99a429c7fcc6d47bfb3eb3752
eddd426ecf98d00293a037b174e50817d3f02881919fd91499aa9f756babb365
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/GMD-Logo.png HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.glennmarkdizon.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 19:59:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash cd52f719a72e37b766da52df057908c3
be0ffacfc97a26c6f98170bdaa9003f8bfc9b8f5
ed590bcbe0029e9be7d1166c3ae570461d97d5f14b6291c50cd2c725442e79ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1268
Cache-Control: max-age=154349
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:08 GMT
Etag: "637f8005-118"
Expires: Sat, 26 Nov 2022 14:51:37 GMT
Last-Modified: Thu, 24 Nov 2022 14:30:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
143.204.55.68 200 OK 631 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 143.204.55.68:0
File type ASCII text, with very long lines (526)
Hash f8f6a4584135f737b26927596ce6e0a7
609ea9e9c46563fb1dc78a7967c926394e73ffab
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 631
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Thu, 24 Nov 2022 19:33:10 GMT
cache-control: max-age=31536000
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xhpOvTC9eU_QTyyPapeOenouZBda38h0JftPLhSRcNzymdjWbS_shA==
age: 1563
X-Firefox-Spdy: h2
cdn.heapanalytics.com/js/heap-3509290134.js
54.230.111.52 200 OK 120 kB URL HTTP/2 cdn.heapanalytics.com/js/heap-3509290134.js
IP 54.230.111.52:0
File type ASCII text, with very long lines (65502)
Size 120 kB (119819 bytes)
Hash 6588b87191c48a8a06e308c9ac51a560
9c739524102af7368efea3cafd135b90879c2138
75136dc0a4ccf1a3b1f384408e37247c49dfcf760fb77c679107800eeb265a67
GET /js/heap-3509290134.js HTTP/1.1
Host: cdn.heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 119819
date: Thu, 24 Nov 2022 19:57:45 GMT
server: nginx
etag: W/"1d40b-ZYi4cZHEiooG4wjJrFGlYA"
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ejqbbcdpzEXiZhq-pZhul8DBbL_nMI15vbOgvHDsRZlunaPMXH2GLA==
age: 84
X-Firefox-Spdy: h2
www.glennmarkdizon.com/wp-content/uploads/2022/08/mac.jpg
198.187.29.109 200 OK 0 B URL HTTP/2 www.glennmarkdizon.com/wp-content/uploads/2022/08/mac.jpg
IP 198.187.29.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/mac.jpg HTTP/1.1
Host: www.glennmarkdizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
content-type: image/jpeg
last-modified: Thu, 11 Aug 2022 00:58:21 GMT
accept-ranges: bytes
content-length: 293116
date: Thu, 24 Nov 2022 19:59:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
m.stripe.network/inner.html
151.101.84.176 200 OK 527 B URL HTTP/2 m.stripe.network/inner.html
IP 151.101.84.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 19:59:09 GMT
via: 1.1 varnish
age: 194
x-request-id: 79e7725f-4bd4-42f9-9b54-b5fc10f2f851
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 102
x-timer: S1669319949.102156,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5ad06fea748cc3dd7b2e4b397e9fb7f1
09f14748afe789048ff85b56afdc7906c8f123b9
efa2d8daf4153edfa2d4008223e8c4f83153bc1e4ad0c6c72070467b772beb53
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167163
Date: Thu, 24 Nov 2022 19:59:09 GMT
Etag: "637fa344-1d7"
Expires: Sat, 26 Nov 2022 18:25:12 GMT
Last-Modified: Thu, 24 Nov 2022 17:00:52 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: omZlIB_U-xf-NtJfD7m1TsR7JtiaJKeYPrUvaNPc2EIxCADNUmrO3Q==
Age: 5060
m.stripe.network/out-4.5.42.js
151.101.84.176 200 OK 16 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 151.101.84.176:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 19:59:09 GMT
via: 1.1 varnish
age: 279
x-request-id: 417cd36f-da55-4622-b821-25cbd61cde7c
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 140
x-timer: S1669319949.171121,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&RedC=c.clarity.ms&MXFR=385FFB12CD2F69B5030AE974C92F676D
13.107.21.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&RedC=c.clarity.ms&MXFR=385FFB12CD2F69B5030AE974C92F676D
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&RedC=c.clarity.ms&MXFR=385FFB12CD2F69B5030AE974C92F676D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0F47DA933D576F8B1D84C8F53CA26E1E; domain=c.bing.com; expires=Tue, 19-Dec-2023 19:59:09 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09D1B8B8FA044893A33AF935B4A8F70D Ref B: OSL30EDGE0114 Ref C: 2022-11-24T19:59:09Z
date: Thu, 24 Nov 2022 19:59:09 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=6ADCF264B4794E78B7EC9DB70E45D6FF&MUID=0F47DA933D576F8B1D84C8F53CA26E1E HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.glennmarkdizon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 24-Nov-2022 20:09:09 GMT; path=/; SameSite=None; Secure;
date: Thu, 24 Nov 2022 19:59:08 GMT
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 142.250.74.3:0
Hash cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 142.250.74.3:0
Hash cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 142.250.74.3:0
Hash cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 95d5d1cfc046e6f7709847614e5111ff
efd834419ef1e3fe8d4e6029abb4a05fdf5c9ea7
8eae014841c35399d434148c5ed0ebfcbb8ae88cc9ff573ebdf48b120f97f56a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141786
Date: Thu, 24 Nov 2022 19:59:09 GMT
Etag: "637f47fb-1d7"
Expires: Sat, 26 Nov 2022 11:22:15 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:23 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Lp5lCjT8acrQp7U81cqAsp-ujOfK_J17Czb_llBf2xaNCulzF8xhg==
Age: 3052
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 629
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.glennmarkdizon.com
access-control-allow-credentials: true
date: Thu, 24 Nov 2022 19:59:09 GMT
X-Firefox-Spdy: h2
data.pendo.io/data/guide.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1669319948839&v=2.161.1_prod
34.107.204.85 200 OK 42 B URL HTTP/2 data.pendo.io/data/guide.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1669319948839&v=2.161.1_prod
IP 34.107.204.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/guide.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1669319948839&v=2.161.1_prod HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/S_oXU3H4Jpc
IP 142.250.74.3:0
Hash cbf18dd789b59c4bca8ae8b3f0b63f86
ba8b8e3231ad130eb946666872c2141daf5faa43
534fb17b949ae8ac979e302a84bf4a7f2b88a8d41e431b6698ce96859fa6b0fa
POST /s/gts1d4/S_oXU3H4Jpc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heapanalytics.com/h?a=3509290134&u=4262557727015674&v=7342447697066191&s=7249849657276902&b=web&tv=4.0&z=0&h=%2Fglennmark%2Fconsult&q=%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&d=calendly.com&t=Select%20a%20Date%20%26%20Time%20-%20Calendly&r=https%3A%2F%2Fwww.glennmarkdizon.com%2F&ts=1669319948690&st=1669319948693
54.159.51.104 200 OK 37 B URL HTTP/2 heapanalytics.com/h?a=3509290134&u=4262557727015674&v=7342447697066191&s=7249849657276902&b=web&tv=4.0&z=0&h=%2Fglennmark%2Fconsult&q=%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&d=calendly.com&t=Select%20a%20Date%20%26%20Time%20-%20Calendly&r=https%3A%2F%2Fwww.glennmarkdizon.com%2F&ts=1669319948690&st=1669319948693
IP 54.159.51.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /h?a=3509290134&u=4262557727015674&v=7342447697066191&s=7249849657276902&b=web&tv=4.0&z=0&h=%2Fglennmark%2Fconsult&q=%3Fembed_domain%3Dwww.glennmarkdizon.com%26embed_type%3DInline%26month%3D2022-11&d=calendly.com&t=Select%20a%20Date%20%26%20Time%20-%20Calendly&r=https%3A%2F%2Fwww.glennmarkdizon.com%2F&ts=1669319948690&st=1669319948693 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
data.pendo.io/data/ptm.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?v=2.161.1_prod&ct=1669319948833&jzb=eJw9kF9rwjAUxb9LHnzqrGmLGEHGmEJ92F9kwsYIsclsML0pya1dJ3530zp8y7n5nZtz8nUi2NWKzImxQpKI7JxtvXIcdRWmdDplKWUsm81oFpGj9hqt41oGA39dPS9f-IZ37E2zybs3hzwsEEVhG8CBgcaYiDTOBLxErP08jgthFEjTjQtbxftwhkq4Q1xY8I3Be1XtlOTSVkLDom3b8Q2R-s9C7xpdmT73Yg1GgxpVFrBcJJMkuaM0hKidrT2Zn4ZW_12SWZpGRHv-40Sv0TXqHFDhFOBG7Na3wHgVhPnsMz8-PW6T8rj6-N2HxYN3uCy19znNs4clsL2Bbf93HarwaprS8_cFJKl0Vw
34.107.204.85 200 OK 42 B HTTP/2
IP 34.107.204.85:0
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/ptm.gif/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?v=2.161.1_prod&ct=1669319948833&jzb=eJw9kF9rwjAUxb9LHnzqrGmLGEHGmEJ92F9kwsYIsclsML0pya1dJ3530zp8y7n5nZtz8nUi2NWKzImxQpKI7JxtvXIcdRWmdDplKWUsm81oFpGj9hqt41oGA39dPS9f-IZ37E2zybs3hzwsEEVhG8CBgcaYiDTOBLxErP08jgthFEjTjQtbxftwhkq4Q1xY8I3Be1XtlOTSVkLDom3b8Q2R-s9C7xpdmT73Yg1GgxpVFrBcJJMkuaM0hKidrT2Zn4ZW_12SWZpGRHv-40Sv0TXqHFDhFOBG7Na3wHgVhPnsMz8-PW6T8rj6-N2HxYN3uCy19znNs4clsL2Bbf93HarwaprS8_cFJKl0Vw HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 426133ba6dfc4d15e0cb4c7b2dabd3fe
17cddc28ede33c87d7dcb9700f39b70c19c644dd
4fcae487b293113493e2fc379ccc680a9189a7dc34165f25ed26f9e05d3a4c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3134
Cache-Control: max-age=92163
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:09 GMT
Etag: "637e85d2-1d7"
Expires: Fri, 25 Nov 2022 21:35:12 GMT
Last-Modified: Wed, 23 Nov 2022 20:42:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
m.stripe.com/6
52.39.215.30 200 OK 156 B IP 52.39.215.30:0
File type JSON data, ASCII text, with no line terminators
Hash c0df34424a5bde16ffa12ce427e6c2d4
47706aba22b59afde3ff7e951e33ac4d66ba0ea6
4b4f018d89d8c81f9545c34d7d18780e3fd81b0216755afd5af32bcb9249e66a
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2984
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:59:09 GMT
content-length: 156
set-cookie: m=5584b4a0-5e14-4d27-9b1e-83ee213f14c0d3a7d8;Expires=Sat, 23-Nov-2024 19:59:09 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 155260
Origin: https://www.glennmarkdizon.com
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.glennmarkdizon.com
access-control-allow-credentials: true
date: Thu, 24 Nov 2022 19:59:09 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
34.120.237.76 200 OK 6.4 kB HTTP/2
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ow9srZWasko5f0TMk632PH2_NgfxBEwGPCXoRTp7gVxfDrP9st2opw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:45 GMT
age: 78927
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 57aea79f7fde962d9e03337166e292b5
138243191c50f91fdb5172e32c751f504cb39f67
f7c5d0ab857c4d77f89a676c1066b29912be8902c01b5d84bae7d9727d96de5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5832
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:59:12 GMT
Last-Modified: Thu, 24 Nov 2022 18:22:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CTeko%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10 200 OK 0 B HTTP/2
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CTeko%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 19:59:04 GMT
date: Thu, 24 Nov 2022 19:59:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
calendly.com/glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline
172.66.43.26 200 OK 0 B HTTP/2
IP 172.66.43.26:0
GET /glennmark/consult?embed_domain=www.glennmarkdizon.com&embed_type=Inline HTTP/1.1
Host: calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 76f4b91f2fe4b529-OSL
cache-control: max-age=0, private, must-revalidate
link: <https://assets.calendly.com/assets/booking/css/booking-474ab179.css>; rel=preload; as=style; nopush
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: bb576556ff5ee9207db960ded5221dda
x-runtime: 0.155375
vary: Accept-Encoding
set-cookie: _calendly_session=DwslqMNjYl7zG3gGGQGRcq0SkDFybGFUIjljELnB50cSPF2umh0amDiRL9P7RlIlPYA8nvtZ0T1BPYDYRFPJtjFEG6ysDM1AE%2FxYA%2B1gt0T%2BGhP6Zdj2cofWlMm30018c7rCbfwym1R53XBGVlPUaROIZhuLtZvE1pqFas1rrxlULoAR8CTaP2e5%2B4XGf%2BAcloYai7QjaHMhIzMh81MqZDcX22u5TivqAgRXovP4nuaYw7%2B6HMA80CwYMATUT%2BNFfEdPUe13R7Xy%2Bg%2F%2FjW52QSihD6Y7kKmIJ%2F5yqvwjtciI4Q%2BGAdTft%2BbzsCZNDO0nBaMbefNYh51svjxBp%2BLVOkt5AqHDqJsyjuj44ViouCIZXE4QWdtBJiXZiOASbLvqaUXL8hQKWgK4tb1A5tuxifbPpvFc%2FSg5DT3gOgpqH3xMqbb%2F14Iw7uYomF%2FBnV%2FGIElp13VOi3EWdBNhGNJlG%2BD7BF86XntqHSaID7ruIKoU%2F1EfTQ0NaXqdECvOxRzIPlR3rxERXKokk8jUWFN%2BNCXd40cXMJACSQkqAF2kea7%2FXpGze5Gp6B4uHDg4BgojUcjQVjRtyApV6IWLzYgfBJr488jN4XixouDN4KNfJdCGSoK109JUasuVxuRsyR1YprtQqW0NF9A8Zg22OatniWsvV45uHJ1nw%2FOaYIMjuAzwho%2BJy3rW522RWtLnl6VyQuLzGcITcHfn1Hk51hReuXEVNg%3D%3D--0R%2B8jg9SUhSO7Q50--def8JxnjOUSxm6z6VvE9Mw%3D%3D; path=/; expires=Thu, 15 Dec 2022 19:59:06 GMT; secure; HttpOnly; SameSite=Lax
__cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946; path=/; domain=.calendly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
data.pendo.io/data/guide.js/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?id=4&jzb=eJxNj09rwzAMxb-LDz11TZtbA2EMNmgv-8fuQbPV1VSWgi03ZCPfvS6lYbf3xO_BT3_m7JNXiXtnGtO9v7w-v3Vf3bj98Nv1Z6LTziwNWCuZ9YpwJlqaHKnQR9U-NVVlgZAdjSsrofopmQPEU2WFUyZ9xPCNrnMSwHM7DMNqRpz_Fb6uFjdGxx7bPZNnXARhPbb1uq4fNpviEFDBgYJpZuUSp1nuVnqIyPr0_1RGePc-Y0xe-F4T0mEnSbE8dgBKOE0XZrxhFw&v=2.161.1_prod&ct=1669319948838
34.107.204.85 200 OK 0 B HTTP/2
IP 34.107.204.85:0
GET /data/guide.js/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9?id=4&jzb=eJxNj09rwzAMxb-LDz11TZtbA2EMNmgv-8fuQbPV1VSWgi03ZCPfvS6lYbf3xO_BT3_m7JNXiXtnGtO9v7w-v3Vf3bj98Nv1Z6LTziwNWCuZ9YpwJlqaHKnQR9U-NVVlgZAdjSsrofopmQPEU2WFUyZ9xPCNrnMSwHM7DMNqRpz_Fb6uFjdGxx7bPZNnXARhPbb1uq4fNpviEFDBgYJpZuUSp1nuVnqIyPr0_1RGePc-Y0xe-F4T0mEnSbE8dgBKOE0XZrxhFw&v=2.161.1_prod&ct=1669319948838 HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.calendly.com/assets/external/widget.js
172.66.43.26 200 OK 0 B HTTP/2
IP 172.66.43.26:0
GET /assets/external/widget.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:04 GMT
content-type: application/javascript
cf-ray: 76f4b916afe0b529-OSL
age: 169
cache-control: public, max-age=300
etag: W/"d55a502aec51c2d81fe7d6b5b166ddcf"
expires: Fri, 25 Nov 2022 19:59:04 GMT
last-modified: Thu, 17 Nov 2022 18:21:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
x-content-type-options: nosniff
set-cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; path=/; expires=Thu, 24-Nov-22 20:29:04 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
104.16.148.64 200 OK 0 B HTTP/2
IP 104.16.148.64:0
GET /scripttemplates/6.35.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:08 GMT
content-type: text/css
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
x-ms-request-id: 56bfbd6c-f01e-00c0-7082-7952a2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 76357
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f4b92c4c55b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
assets.calendly.com/assets/booking/js/booking-runtime-591ea883.js
172.66.43.26 200 OK 0 B HTTP/2
IP 172.66.43.26:0
GET /assets/booking/js/booking-runtime-591ea883.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:06 GMT
content-type: application/javascript
cf-ray: 76f4b9227e89b529-OSL
age: 284554
cache-control: public, max-age=31536000
etag: W/"70fad10a770cc9f6d19b67c18736dc5f"
expires: Fri, 25 Nov 2022 19:59:06 GMT
last-modified: Mon, 21 Nov 2022 12:51:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=19548
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.clarity.ms/tag/d8idw26pe6?ref=bwt
13.107.227.53 200 OK 0 B HTTP/2
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/d8idw26pe6?ref=bwt HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.glennmarkdizon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=e12e6580e5754e91ae1231c10d65bf5e.20221124.20231124; expires=Fri, 24 Nov 2023 19:59:08 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-cache: CONFIG_NOCACHE
x-azure-ref: 0DM1/YwAAAAD3wylatPZ0R4r2P4E18PzFT1NMMjMxMDUwMjA0MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Thu, 24 Nov 2022 19:59:08 GMT
X-Firefox-Spdy: h2
cdn.pendo.io/agent/static/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9/pendo.js
54.230.111.15 200 OK 0 B HTTP/2
IP 54.230.111.15:0
GET /agent/static/4cfbcefc-fcf9-4b66-5dc6-9b0d81bb07a9/pendo.js HTTP/1.1
Host: cdn.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 132103
x-guploader-uploadid: ADPycdvX4J4LF5Yjy2eGolNEO2pITQOHLcbT0hgr3xlvx826Wx5vP2qNcnrjj72WRrSBecqJ9_JSBwjTTXMsIxxw3xrMdQ
last-modified: Thu, 17 Nov 2022 19:16:48 GMT
x-goog-generation: 1668712608872610
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 132103
content-encoding: gzip
x-goog-hash: crc32c=fhFFHQ==, md5=p5vf38u/Z6kvzkW47LwULA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Thu, 24 Nov 2022 19:57:07 GMT
expires: Thu, 24 Nov 2022 20:04:15 GMT
cache-control: max-age=450
etag: "a79bdfdfcbbf67a92fce45b8ecbc142c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R2DLqT3NFCmFrTxvekPmh70NCZrPmhsnYrxWUPl0jpCWRP0UwgONgA==
age: 144
X-Firefox-Spdy: h2
js.appboycdn.com/web-sdk/3.1/appboy.min.js
104.17.218.31 200 OK 0 B HTTP/2
IP 104.17.218.31:0
GET /web-sdk/3.1/appboy.min.js HTTP/1.1
Host: js.appboycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:09 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: fWaUAy85I3OGfp5Yat3q2YpqLSFkKavxj9T9nlVUzQChU97gFu1zDcKS8fs/SxePpI3qSbZVzME=
x-amz-request-id: 4HN36FEXFZ9BZE1J
last-modified: Tue, 02 Feb 2021 00:22:35 GMT
etag: W/"1c3631b60e0fed888d7a4fcedb3e0448"
cf-cache-status: HIT
age: 2080
expires: Thu, 24 Nov 2022 23:59:09 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f4b9315c4db4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
assets.calendly.com/assets/booking/js/booking-270c1e77.js
172.66.43.26 200 OK 0 B HTTP/2
IP 172.66.43.26:0
GET /assets/booking/js/booking-270c1e77.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=37hwnrPCUu_OBWTr3Teh2yzEu8KSP5HTYXLCq54PPXU-1669319944-0-AVS0QNd/eSpmx5A+DOin9r5niJlyQXxy/jT41UvwvEDEz/4MXl3/68t0rAhxjDjncM6bd/CD5uWVKf+L6/ifMII=; __cfruid=690fc1972f5ae59fbd36ba522948ffd4515b8537-1669319946
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:59:06 GMT
content-type: application/javascript
cf-ray: 76f4b9227e8cb529-OSL
age: 84717
cache-control: public, max-age=31536000
etag: W/"e75b0b3312fd60d990b8173bcb8ac4af"
expires: Fri, 25 Nov 2022 19:59:06 GMT
last-modified: Wed, 23 Nov 2022 20:21:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=1691087
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2