urlscan.io logo urlscan.io
SecurityTrails logo

blogs.cor.org Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://groups.blogs.cor.org/
Effective URL: https://blogs.cor.org/wp-signup.php?new=groups
Submission: On July 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blogs.cor.org.
TLS certificate: Issued by E1 on May 26th 2024. Valid for: 3 months.
This is the only time blogs.cor.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 141.193.213.11 209242 (CLOUDFLAR...)
12 141.193.213.10 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.24.78.187 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
19 6
1    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
groups.blogs.cor.org
12    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
blogs.cor.org
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.24.78.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-78-187.us-west-2.compute.amazonaws.com
app.truconversion.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
13 cor.org
groups.blogs.cor.org
blogs.cor.org
149 KB
2 gstatic.com
fonts.gstatic.com
52 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
190 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
1 truconversion.com
app.truconversion.com — Cisco Umbrella Rank: 106156
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
19 6
Domain Requested by
12 blogs.cor.org blogs.cor.org
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com blogs.cor.org
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 app.truconversion.com blogs.cor.org
1 fonts.googleapis.com blogs.cor.org
1 groups.blogs.cor.org 1 redirects
19 7

This site contains links to these domains. Also see Links.

Domain
wordpress.org
Subject Issuer Validity Valid
blogs.cor.org
E1		 2024-05-26 -
2024-08-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.truconversion.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-15 -
2024-11-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://blogs.cor.org/wp-signup.php?new=groups
Frame ID: 077B519C821DCA5AC4E69075AF332976
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The United Methodist Church of the Resurrection - blogs.cor.orgThe United Methodist Church of the Resurrection - blogs.cor.org

Page URL History Show full URLs

  1. https://groups.blogs.cor.org/ HTTP 302
    https://blogs.cor.org/wp-signup.php?new=groups Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <body class=(?:"|')[^"']*oxygen-body
  • <link [^>]*href=(?:"|')[^>]*wp-content/plugins/oxygen/
  • wp-content/plugins/oxygen
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

393 kB
Transfer

1694 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://groups.blogs.cor.org/ HTTP 302
    https://blogs.cor.org/wp-signup.php?new=groups Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wp-signup.php
blogs.cor.org/
Redirect Chain
  • https://groups.blogs.cor.org/
  • https://blogs.cor.org/wp-signup.php?new=groups
15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
fb7193adc4a88e226d442d90743e2b67237a32164c72621cb7e8afc7119fc697

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
89c752a889109960-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 15:10:27 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-cache
MISS
x-cacheable
NO:Passed
x-pass-why
wp-admin
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
89c752a1d86230f9-FRA
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 15:10:26 GMT
location
https://blogs.cor.org/wp-signup.php?new=groups
server
cloudflare
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
style.css
blogs.cor.org/wp-content/themes/Divi/ 		805 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-content/themes/Divi/style.css
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be7b683516f00ef5d0d5d085989da98c6a5d2ddb55d83573373b729a70d7ae4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 21 Sep 2022 02:49:28 GMT
server
cloudflare
etag
W/"632a7bb8-c958f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf889960-FRA
alt-svc
h3=":443"; ma=86400
style.min.css
blogs.cor.org/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 27 Feb 2024 14:48:23 GMT
server
cloudflare
etag
W/"65ddf637-1bae5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf899960-FRA
alt-svc
h3=":443"; ma=86400
oxygen.css
blogs.cor.org/wp-content/plugins/oxygen/component-framework/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.0.1
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4052b8b4603b58652ca621b5783f4c5f58cb31de40866a400ef1b30116a61955

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 21 Sep 2022 02:51:16 GMT
server
cloudflare
etag
W/"632a7c24-4f90"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf8a9960-FRA
alt-svc
h3=":443"; ma=86400
style.min.css
blogs.cor.org/wp-content/plugins/divi_cpt_layout_injector/styles/ 		1 KB
551 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-content/plugins/divi_cpt_layout_injector/styles/style.min.css?ver=6.5.3
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb59b9b1e1f77f201b4cf62e4ab138f66571e64f3714bcb6c5b0a0b2cc10af82

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 21 Sep 2022 02:53:52 GMT
server
cloudflare
etag
W/"632a7cc0-4b9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf8b9960-FRA
alt-svc
h3=":443"; ma=86400
style.css
blogs.cor.org/wp-content/plugins/divi_taxonomy_layout_injector/ 		1 KB
483 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-content/plugins/divi_taxonomy_layout_injector/style.css?ver=6.5.3
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4a5b2d10a7384d1e2191fdaf12cb51e4ab4f82af5da89a018dc7c358d8c7b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 21 Sep 2022 02:53:52 GMT
server
cloudflare
etag
W/"632a7cc0-453"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf8c9960-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
blogs.cor.org/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
cloudflare
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf8d9960-FRA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
blogs.cor.org/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf8e9960-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,500,600,700,800,900|Playfair+Display+SC:100,200,300,400,500,600,700,800,900
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ddca827435d5520728b761670a326d8cfd9edb3d95241bc92ad1fff6e871a89f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 15:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 15:10:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 15:10:27 GMT
welcome-to-resurrection-1044.css
blogs.cor.org/wp-content/uploads/oxygen/css/ 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-content/uploads/oxygen/css/welcome-to-resurrection-1044.css?cache=1586986566&ver=6.5.3
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e24acb703183205c121324bd00770c3854dc2b19c9b61866a7ac2cda2d6c59f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 21 Sep 2022 02:49:08 GMT
server
cloudflare
etag
W/"632a7ba4-8ae"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf919960-FRA
alt-svc
h3=":443"; ma=86400
universal.css
blogs.cor.org/wp-content/uploads/oxygen/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-content/uploads/oxygen/css/universal.css?cache=1686858694&ver=6.5.3
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5007aef2fcf34bd5e174f46f3e076f8feb70ded6dbf27db6cdfd03ad635a485

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Jun 2023 19:51:34 GMT
server
cloudflare
etag
W/"648b6bc6-5df3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752aedf939960-FRA
alt-svc
h3=":443"; ma=86400
comment-reply.min.js
blogs.cor.org/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/wp-includes/js/comment-reply.min.js?ver=6.5.3
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
cloudflare
etag
W/"625095f6-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89c752b30c229960-FRA
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		267 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMH3R9F
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ef2bcc40c39e5f9134846058045554821405d83faad3b1c480c5cf5c4114ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96779
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 15:10:28 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,500,600,700,800,900|Playfair+Display+SC:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://blogs.cor.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:51:06 GMT
x-content-type-options
nosniff
age
519562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28512
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:51:06 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,500,600,700,800,900|Playfair+Display+SC:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://blogs.cor.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:56:54 GMT
x-content-type-options
nosniff
age
519214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:56:54 GMT
js
www.googletagmanager.com/gtag/ 		278 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BVWVNZEM1R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMH3R9F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
31d625f5a8610f00e66ccb790f37a4447e55e135bd4b8fadf79b52e9e2158148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97155
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 15:10:28 GMT
b3ef5.js
app.truconversion.com/ti-js/22979/ 		267 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.truconversion.com/ti-js/22979/b3ef5.js
Requested by
Host: blogs.cor.org
URL: https://blogs.cor.org/wp-signup.php?new=groups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.78.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-78-187.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3ea0ae12147c76e3b4e6ad26bfb580121295c8aa91480dee7b7e579dd00eb23d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' *.truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; style-src-elem 'self' 'unsafe-inline' http: https: data:; img-src http: https: data: blob:; connect-src wss://*.truconversion.com wss://*.intercom.io wss://*.appcues.net wss://*.wistia.com wss://*.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://*.truconversion.com https://*.truconversion.com;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:29 GMT
content-security-policy
default-src 'self'; frame-src 'self' *.truconversion.com http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob:; style-src 'self' 'unsafe-inline' http: https:; style-src-elem 'self' 'unsafe-inline' http: https: data:; img-src http: https: data: blob:; connect-src wss://*.truconversion.com wss://*.intercom.io wss://*.appcues.net wss://*.wistia.com wss://*.crisp.chat http: https: data: blob:; font-src http: https: data: blob:; object-src http: https:; media-src http: https: data: blob:; form-action 'self' http://*.truconversion.com https://*.truconversion.com;
content-length
267
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 01 Jul 2024 15:10:26 GMT
server
nginx
etag
"6682c6e2-10b"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
cache-control
max-age=180, public, stale-while-revalidate=10, stale-if-error=10
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Mon, 01 Jul 2024 15:13:29 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BVWVNZEM1R&gtm=45je46q0v892980527z8893324876za200zb893324876&_p=1719846628458&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2067436577.1719846629&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719846628&sct=1&seg=0&dl=https%3A%2F%2Fblogs.cor.org%2Fwp-signup.php%3Fnew%3Dgroups&dt=The%20United%20Methodist%20Church%20of%20the%20Resurrection%20-%20blogs.cor.org&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3434&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVWVNZEM1R&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 15:10:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blogs.cor.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
blogs.cor.org/ 		0
164 B 		Other
General
Check archive.org
Download Go to
Full URL
https://blogs.cor.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://blogs.cor.org/wp-signup.php?new=groups
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:10:30 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jun 2024 06:38:56 GMT
server
cloudflare
etag
"667fac00-0"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89c752b9ca639960-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage undefined| $ function| jQuery object| dataLayer object| google_tag_manager object| google_tag_data object| _tip function| onYouTubeIframeAPIReady object| gaGlobal object| addComment function| tcjs

3 Cookies

Domain/Path Name / Value
.cor.org/ Name: _gcl_au
Value: 1.1.721495965.1719846629
.cor.org/ Name: _ga
Value: GA1.1.2067436577.1719846629
.cor.org/ Name: _ga_BVWVNZEM1R
Value: GS1.1.1719846628.1.0.1719846628.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.truconversion.com
blogs.cor.org
fonts.googleapis.com
fonts.gstatic.com
groups.blogs.cor.org
region1.google-analytics.com
www.googletagmanager.com
141.193.213.10
141.193.213.11
2001:4860:4802:32::36
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2008
52.24.78.187
1be7b683516f00ef5d0d5d085989da98c6a5d2ddb55d83573373b729a70d7ae4
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
31d625f5a8610f00e66ccb790f37a4447e55e135bd4b8fadf79b52e9e2158148
3ea0ae12147c76e3b4e6ad26bfb580121295c8aa91480dee7b7e579dd00eb23d
4052b8b4603b58652ca621b5783f4c5f58cb31de40866a400ef1b30116a61955
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
6ef2bcc40c39e5f9134846058045554821405d83faad3b1c480c5cf5c4114ce8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
b5007aef2fcf34bd5e174f46f3e076f8feb70ded6dbf27db6cdfd03ad635a485
bb59b9b1e1f77f201b4cf62e4ab138f66571e64f3714bcb6c5b0a0b2cc10af82
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ddca827435d5520728b761670a326d8cfd9edb3d95241bc92ad1fff6e871a89f
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e24acb703183205c121324bd00770c3854dc2b19c9b61866a7ac2cda2d6c59f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4a5b2d10a7384d1e2191fdaf12cb51e4ab4f82af5da89a018dc7c358d8c7b2
fb7193adc4a88e226d442d90743e2b67237a32164c72621cb7e8afc7119fc697