update.marval.us.to Open in urlscan Pro
65.109.110.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://update.marval.us.to/
Submission: On June 10 via api (June 10th 2023, 3:35:00 am UTC) from US — Scanned from US

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 19 HTTP transactions. The main IP is 65.109.110.204, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is update.marval.us.to.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on June 10th 2023. Valid for: 3 months.

This is the only time update.marval.us.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	65.109.110.204 65.109.110.204	24940 (HETZNER-AS) (HETZNER-AS)
6 14	162.159.135.42 162.159.135.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	35.232.130.91 35.232.130.91	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:b0d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.31 149.56.240.31	16276 (OVH) (OVH)
1	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	9

1 65.109.110.204 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.204.110.109.65.clients.your-server.de

update.marval.us.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 162.159.135.42 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

careersherpa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

diningsovereign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.232.130.91 (Council Bluffs, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 91.130.232.35.bc.googleusercontent.com

mk0careersherpaikjlb.kinstacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:41d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:b0d6 (United States)

ASN13335 (CLOUDFLARENET, US)

dash.nextagc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	careersherpa.net 6 redirects careersherpa.net	12 KB
4	gstatic.com fonts.gstatic.com	64 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12771 s4.histats.com — Cisco Umbrella Rank: 12325	5 KB
2	kinstacdn.com 2 redirects mk0careersherpaikjlb.kinstacdn.com	307 B
1	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 14780
1	nextagc.com dash.nextagc.com	729 B
1	diningsovereign.com diningsovereign.com — Cisco Umbrella Rank: 785930
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	us.to update.marval.us.to	23 KB
19	9

	Domain	Requested by
14	careersherpa.net	6 redirects update.marval.us.to
4	fonts.gstatic.com	fonts.googleapis.com
2	mk0careersherpaikjlb.kinstacdn.com	2 redirects
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	dash.nextagc.com	update.marval.us.to
1	s10.histats.com	update.marval.us.to
1	diningsovereign.com	update.marval.us.to
1	fonts.googleapis.com	update.marval.us.to
1	update.marval.us.to
19	10

This site contains links to these domains. Also see Links.

Domain
careersherpa.net

Subject Issuer	Validity	Valid
update.marval.us.to ZeroSSL ECC Domain Secure Site CA	`2023-06-10` - `2023-09-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
diningsovereign.com R3	`2023-05-15` - `2023-08-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
nextagc.com GTS CA 1P5	`2023-05-21` - `2023-08-19`	3 months	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://update.marval.us.to/
Frame ID: 25F706EA9E614ADDA0563B34D9EE143A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hannah Morgan | Job Search, Career and Social Media StrategistHannah Morgan | Job Search, Career and Social Media StrategistHannah Morgan | Job Search, Career and Social Media StrategistHannah Morgan | Job Search, Career and Social Media StrategistHannah Morgan | Job Search, Career and Social Media Strategist

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

58 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

104 kB
Transfer

194 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://careersherpa.net/wp-content/uploads/2019/10/As-seen-in.png
Title: <img width="1200" height="200" src="https://careersherpa.net/wp-content/uploads/2019/10/As-seen-in.png" class="image wp-image-28084 attachment-full size-full" alt="" decoding="async" style="max-width: 100%; height: auto;" srcset="https://careersherpa.net/wp-content/uploads/2019/10/As-seen-in.png 1200w, https://careersherpa.net/wp-content/uploads/2019/10/As-seen-in-500x83.png 500w, https://careersherpa.net/wp-content/uploads/2019/10/As-seen-in-768x128.png 768w, https://careersherpa.net/wp-content/uploads/2019/10/As-seen-in-700x117.png 700w" sizes="(max-width: 1200px) 100vw, 1200px">

Search URL Search Domain Scan URL

URL: https://careersherpa.net/wp-content/uploads/2020/04/Career-Sherpa-200-X-200-1.png
Title: <img width="150" height="150" src="https://careersherpa.net/wp-content/uploads/2020/04/Career-Sherpa-200-X-200-1-150x150.png" class="image wp-image-29770 attachment-thumbnail size-thumbnail" alt="" decoding="async" style="max-width: 100%; height: auto;" srcset="https://careersherpa.net/wp-content/uploads/2020/04/Career-Sherpa-200-X-200-1-150x150.png 150w, https://careersherpa.net/wp-content/uploads/2020/04/Career-Sherpa-200-X-200-1.png 200w" sizes="(max-width: 150px) 100vw, 150px">

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%2025%2024'%3E%3C/svg%3E HTTP 301
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2025%2024%3E%3C/svg%3E

Request Chain 1

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%201616%20480'%3E%3C/svg%3E HTTP 301
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201616%20480%3E%3C/svg%3E

Request Chain 2

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%2086%2085'%3E%3C/svg%3E HTTP 301
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2086%2085%3E%3C/svg%3E

Request Chain 3

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%201200%20200'%3E%3C/svg%3E HTTP 301
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201200%20200%3E%3C/svg%3E

Request Chain 4

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%20300%20150'%3E%3C/svg%3E HTTP 301
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20300%20150%3E%3C/svg%3E

Request Chain 5

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%20150%20150'%3E%3C/svg%3E HTTP 301
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20150%20150%3E%3C/svg%3E

Request Chain 8

https://mk0careersherpaikjlb.kinstacdn.com/wp-content/themes/sherpa/images/logo.png HTTP 301
https://careersherpa.net/wp-content/themes/sherpa/images/logo.png

Request Chain 9

https://mk0careersherpaikjlb.kinstacdn.com/wp-content/themes/sherpa/images/socialGreen.png HTTP 301
https://careersherpa.net/wp-content/themes/sherpa/images/socialGreen.png

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
update.marval.us.to/ 99 KB
23 KB 907ms
369ms Document
text/html 65.109.110.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://update.marval.us.to/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.109.110.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.204.110.109.65.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: c47ebcf93801d1df012eaf5e9a3b15556c0d942a79fca4fe096cec1711fb1919

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Jun 2023 03:34:53 GMT
Last-Modified: Saturday, 10-Jun-2023 03:34:53 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked

GET
H2

404

svg%3E
careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2025%2024%3E%3C/
Redirect Chain

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%2025%2024'%3E%3C/svg%3E
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2025%2024%3E%3C/svg%3E

0
0

380ms
380ms

Image
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2025%2024%3E%3C/svg%3E
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H2
Server: 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-security-policy: block-all-mixed-content;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=19.0.6;mv=1.1.3
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
x-kinsta-cache: EXPIRED
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaTayOIf6HGJsYQvVE%2Fb7swOmxWbXAuHA3rX70njyJ0UI2KjRdHGfR37x%2Bh%2FBbdk66pNrLRraLkS0wy5t9r9kvCHEoo7AEGm2scLjGsS6AtsY0%2F6yqVlslcYkRam83CQc0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2025%2024%3E%3C/svg%3E
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
ki-cache-type: None
cf-ray: 7d4e8faced77da87-MIA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3

404

svg%3E
careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201616%20480%3E%3C/
Redirect Chain

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%201616%20480'%3E%3C/svg%3E
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201616%20480%3E%3C/svg%3E

0
0

505ms
505ms

Image
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201616%20480%3E%3C/svg%3E
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H3
Server: 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-security-policy: block-all-mixed-content;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=19.0.6;mv=1.1.3
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
x-kinsta-cache: EXPIRED
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtocQ8hbmipINVpaVdECWtyOV4k1H3LrhM6VkMCFPXgzaN5Q6ty871OyG%2BLrfGWk09BRNOSJM8iQtVSs8fbB53roRdfQnrpgKLUpLokVRFRFghrl5thMZX3JVw16RAHQimg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201616%20480%3E%3C/svg%3E
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
ki-cache-type: None
cf-ray: 7d4e8faced7ada87-MIA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3

404

svg%3E
careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2086%2085%3E%3C/
Redirect Chain

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%2086%2085'%3E%3C/svg%3E
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2086%2085%3E%3C/svg%3E

0
0

448ms
447ms

Image
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2086%2085%3E%3C/svg%3E
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H3
Server: 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-security-policy: block-all-mixed-content;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=19.0.6;mv=1.1.3
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
x-kinsta-cache: EXPIRED
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dw1o3NDO9T0zcFnnMGAnPlkUAg9n6QsmlOpL00xHejOMWvyWDgqUITCfBK%2FQFOTKmLCRGNUW3Fema%2BM1yqfNXjuOVQNKHWuB9LfQZ4tc%2BJw46H%2BjMcFGjcq0ubPsZOtknXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2086%2085%3E%3C/svg%3E
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
ki-cache-type: None
cf-ray: 7d4e8faced7dda87-MIA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3

404

svg%3E
careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201200%20200%3E%3C/
Redirect Chain

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%201200%20200'%3E%3C/svg%3E
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201200%20200%3E%3C/svg%3E

0
0

479ms
479ms

Image
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201200%20200%3E%3C/svg%3E
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H3
Server: 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-security-policy: block-all-mixed-content;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=19.0.6;mv=1.1.3
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
x-kinsta-cache: EXPIRED
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0wP4yG%2F%2B10AeOvnUnTX0X5pViCjMQVLGxX1g6q5DpD21Bdq5UrDnGa8yxBNJXv7NPj9qWU0DdnlTArwuqfYKeGmUBp81HIFFpdFfBOlzwjNdbyu2e5261xson7FkeIOSZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201200%20200%3E%3C/svg%3E
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
ki-cache-type: None
cf-ray: 7d4e8faced81da87-MIA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3

404

svg%3E
careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20300%20150%3E%3C/
Redirect Chain

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%20300%20150'%3E%3C/svg%3E
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20300%20150%3E%3C/svg%3E

0
0

499ms
499ms

Image
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20300%20150%3E%3C/svg%3E
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H3
Server: 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-security-policy: block-all-mixed-content;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=19.0.6;mv=1.1.3
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
x-kinsta-cache: EXPIRED
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QfceOZRxkIWHS4jhitDH1W5vINs%2F%2FWi9NcvuEXIoPDKydbRXu6Um7iXpQKl7zZeXoCutx4%2FXwNry3y0jfrGI8vt3NK3E9bn2MYTRH8rDqsMQNb0fpMSgv1cVB8Xp3dJHEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20300%20150%3E%3C/svg%3E
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
ki-cache-type: None
cf-ray: 7d4e8faced82da87-MIA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

svg%3E
careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20150%20150%3E%3C/
Redirect Chain

https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%20150%20150'%3E%3C/svg%3E
https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20150%20150%3E%3C/svg%3E

0
0

379ms
378ms

Image
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20150%20150%3E%3C/svg%3E
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H2
Server: 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-security-policy: block-all-mixed-content;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=19.0.6;mv=1.1.3
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-redirect-by: WordPress
x-kinsta-cache: EXPIRED
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTt07bpgOlE8cxwyuQmfHeuKyJLPz4JRzQaDdJ1AATqVaSPMSN%2BBaHzkx84Imvau2C1CxSD4u%2Bfoixcg%2Fin1m554EnrdzDqtRYmsDJuoU9vH0cpA0v%2FwyrmznxGp%2FaJTVMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20150%20150%3E%3C/svg%3E
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
ki-cache-type: None
cf-ray: 7d4e8faced84da87-MIA
ki-cf-cache-status: BYPASS
x-edge-location-klb: 1
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 224ms
83ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A300%2C400%2C700%7COswald%3A400%2C700&display=swap

Requested by

Host: update.marval.us.to
URL: https://update.marval.us.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ca467b2f542cfbb24ce6c883e03282729d3a3414cab5ac41c11d16867ffffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Jun 2023 03:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 03:34:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Jun 2023 03:34:54 GMT

GET
H/1.1 403
Forbidden invoke.js
diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/ 0
0 216ms
68ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://update.marval.us.to/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 10 Jun 2023 03:34:54 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2

200

logo.png
careersherpa.net/wp-content/themes/sherpa/images/
Redirect Chain

https://mk0careersherpaikjlb.kinstacdn.com/wp-content/themes/sherpa/images/logo.png
https://careersherpa.net/wp-content/themes/sherpa/images/logo.png

5 KB
5 KB

67ms
66ms

Image
image/png

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://careersherpa.net/wp-content/themes/sherpa/images/logo.png

Requested by

Host: update.marval.us.to
URL: https://update.marval.us.to/

Protocol

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20bb8e65b348650033a71d8e0a5777a8b8887000f9d1ae0911c16056595489ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 03:34:54 GMT
ki-cache-tag: 95a92d66-9c9a-4606-a0d3-05e567f9777e,d937610668161a101384ceb0efefd62128e342065cafd304f2d14e837432726b
cf-cache-status: HIT
ki-edge: v=19.0.6;mv=1.1.3
x-content-type-options: nosniff
age: 1198049
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5034
last-modified: Sat, 20 Jul 2019 04:14:14 GMT
server: cloudflare
etag: "5d329516-13aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwWWL4fPQ2%2BkU4U7VAWvpEE%2Fn3H%2B9ZD7hWxUjbIO1uG8FpKxoO9Ajd6bgN2YLKO9oYW3%2FMTgJLE%2Fmm5siHwT4DiWj0DB%2FO96YZ6l%2B2PdglVAWpCPpfS%2FmyHzLj4HhdCjELA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 7d4e8fafdadada87-MIA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://careersherpa.net/wp-content/themes/sherpa/images/logo.png
date: Sat, 10 Jun 2023 03:34:54 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

socialGreen.png
careersherpa.net/wp-content/themes/sherpa/images/
Redirect Chain

https://mk0careersherpaikjlb.kinstacdn.com/wp-content/themes/sherpa/images/socialGreen.png
https://careersherpa.net/wp-content/themes/sherpa/images/socialGreen.png

4 KB
4 KB

69ms
68ms

Image
image/png

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://careersherpa.net/wp-content/themes/sherpa/images/socialGreen.png

Requested by

Host: update.marval.us.to
URL: https://update.marval.us.to/

Protocol

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03dc7eebc0a25266aea30ecb70e6593d7b652bb230848bbebd2e6faf45a745c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 03:34:54 GMT
ki-cache-tag: 95a92d66-9c9a-4606-a0d3-05e567f9777e,67845ae87cfc52a970939801ec73b6e0a5519239424e7890384310ab17b69add
cf-cache-status: HIT
ki-edge: v=19.0.6;mv=1.1.3
x-content-type-options: nosniff
age: 139113
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3859
last-modified: Sat, 20 Jul 2019 05:46:50 GMT
server: cloudflare
etag: "5d32aaca-f13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOuhnR%2BwNBgM6NGOPbLzSX59cCcCOYj3yL%2B2LPlNCnZy1Mbg927q4%2B0glzoSHav0mDiShWaqUIkQ9KSALXjDxzqolmEh%2BJg6PFU8Hu0MnwoqOXGqB8jreRIdwn%2BLdfREw6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 7d4e8fafdadcda87-MIA
ki-cf-cache-status: HIT
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://careersherpa.net/wp-content/themes/sherpa/images/socialGreen.png
date: Sat, 10 Jun 2023 03:34:54 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 348ms
83ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A300%2C400%2C700%7COswald%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://update.marval.us.to
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 23:33:55 GMT
x-content-type-options: nosniff
age: 14459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 23:33:55 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 429ms
167ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A300%2C400%2C700%7COswald%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://update.marval.us.to
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 18:08:42 GMT
x-content-type-options: nosniff
age: 33972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 18:08:42 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 399ms
139ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A300%2C400%2C700%7COswald%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://update.marval.us.to
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 02:11:51 GMT
x-content-type-options: nosniff
age: 91383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 02:11:51 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 316ms
67ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed%3A300%2C400%2C700%7COswald%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://update.marval.us.to
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 11:15:28 GMT
x-content-type-options: nosniff
age: 577166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 11:15:28 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 288ms
57ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 41823
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7d4e8faf5b1a8da3-MIA
content-length: 4547

POST
H2 200 process.php Show response
dash.nextagc.com/sync/ 0
729 B 395ms
167ms XHR
text/html 2606:4700:3033::ac43:b0d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dash.nextagc.com/sync/process.php
Requested by: Host: update.marval.us.to
URL: https://update.marval.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b0d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://update.marval.us.to/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Jun 2023 03:34:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
access-control-allow-methods: POST,GET,OPTIONS, GET,POST,OPTIONS,DELETE,PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbJgwiduclQPaV9FVESu%2FcbvSUfHSAmls0%2BqQXWy8rV1fiuuXedm4cADb61WGArs6OP6OF41zOvFLeOHyAo3693HNTp1KAprjkPFwMX8ArU31qM2nUHIXoljSGw9vPBM%2F%2Fn9eWjBLtujYHcgBefg"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 7d4e8faf5e6d31fb-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 380 B
515 B 274ms
88ms Script
text/html 149.56.240.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4756004&@f16&@g1&@h1&@i1&@j1686368094662&@k0&@l1&@mHannah%20Morgan%20%7C%20Job%20Search%2C%20Career%20and%20Social%20Media%20Strategist&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-96943339&@b3:1686368095&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fupdate.marval.us.to%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534110.ip-149-56-240.net
Software: /
Resource Hash: 25f141ade107243ae04680844a1159a5a3b80a425a93203ee99b370e9266ab6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sat, 10 Jun 2023 03:34:55 GMT
Connection: close
Content-Length: 380
Content-Type: text/html;charset=UTF-8

GET
H2 500 /
e.dtscout.com/e/ 0
0 375ms
134ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fupdate.marval.us.to%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4756004&@f16&@g1&@h1&@i1&@j1686368094662&@k0&@l1&@mHannah%20Morgan%20%7C%20Job%20Search%2C%20Career%20and%20Social%20Media%20Strategist&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-96943339&@b3:1686368095&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fupdate.marval.us.to%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://update.marval.us.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 03:34:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyy4i6wdG5QuUqQNy1WyuFph1aocZ1IPmGN5rQiJCUfYCX6ikjsiJnYPVGnl7XN6sb2P%2Fq9LCjs2WbHG%2FfNJXtHuvTelD2mNhoPDTxPrfWzF4JgkvkWixFwXXLixnX%2Fh65CMFXxsfnYtbGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-s: mtl1
cf-ray: 7d4e8fb30d5331f6-MIA

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
update.marval.us.to/	1970-01-20 21:11:44	Name: HstCfa4756004 Value: 1686368094662
update.marval.us.to/	1970-01-20 21:11:44	Name: HstCla4756004 Value: 1686368094662
update.marval.us.to/	1970-01-20 21:11:44	Name: HstCmu4756004 Value: 1686368094662
update.marval.us.to/	1970-01-20 21:11:44	Name: HstPn4756004 Value: 1
update.marval.us.to/	1970-01-20 21:11:44	Name: HstPt4756004 Value: 1
update.marval.us.to/	1970-01-20 21:11:44	Name: HstCnv4756004 Value: 1
update.marval.us.to/	1970-01-20 21:11:44	Name: HstCns4756004 Value: 1

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://update.marval.us.to/(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://update.marval.us.to/(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20150%20150%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2025%2024%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201200%20200%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20300%20150%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%2086%2085%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fupdate.marval.us.to%2F&j= Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://careersherpa.net/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%201616%20480%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

careersherpa.net
dash.nextagc.com
diningsovereign.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
mk0careersherpaikjlb.kinstacdn.com
s10.histats.com
s4.histats.com
update.marval.us.to
149.56.240.31
162.159.135.42
192.243.61.227
2606:4700:10::6814:41d
2606:4700:21::8d65:780b
2606:4700:3033::ac43:b0d6
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
35.232.130.91
65.109.110.204
20bb8e65b348650033a71d8e0a5777a8b8887000f9d1ae0911c16056595489ad
25f141ade107243ae04680844a1159a5a3b80a425a93203ee99b370e9266ab6e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
98ca467b2f542cfbb24ce6c883e03282729d3a3414cab5ac41c11d16867ffffb
a03dc7eebc0a25266aea30ecb70e6593d7b652bb230848bbebd2e6faf45a745c
c47ebcf93801d1df012eaf5e9a3b15556c0d942a79fca4fe096cec1711fb1919
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

update.marval.us.to Open in urlscan Pro 65.109.110.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

58 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

9 IPs

4 Countries

104 kBTransfer

194 kBSize

7 Cookies

2 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

7 Cookies

10 Console Messages

Indicators

update.marval.us.to Open in urlscan Pro
65.109.110.204 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

58 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

104 kB
Transfer

194 kB
Size

7
Cookies

19 HTTP transactions
0 data transactions