Report - ticketguatemala.com/hoja-de-respuestas-kostick-pdf-free/

Report Overview

Visited public
2023-12-01 18:08:12
Tags
URL
ticketguatemala.com/hoja-de-respuestas-kostick-pdf-free/
Finishing URL
ticketguatemala.com/
IP / ASN
69.175.102.130
#32475 SINGLEHOP-LLC
Title
Ticket Guatemala

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

156

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ticketguatemala.com	unknown	2019-01-18	2019-05-03 19:24:14	2023-11-12 18:09:27	41 kB	6.0 MB	69.175.102.130
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-01 08:07:42	456 B	31 kB	142.250.74.42
maps.gstatic.com	unknown	2008-02-11	2016-01-11 17:55:17	2023-12-01 09:10:48	441 B	62 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	483 B	6.8 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-01 06:26:25	909 B	150 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-01 05:29:09	3.3 kB	138 kB	142.250.74.131
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	3.4 kB	104 kB	142.250.74.164
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-01 06:50:24	2.5 kB	603 kB	142.250.74.131
maps.googleapis.com	33876	2005-01-25	2019-10-17 17:56:16	2023-12-01 09:27:56	5.3 kB	312 kB	142.250.74.42
www.bpo361.com	unknown	2016-04-14	2019-07-27 05:09:08	2023-11-12 18:33:32	456 B	263 kB	185.151.30.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed
2023-12-01	medium	ticketguatemala.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (64)

	URL	From	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=6.4.1	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=6.4.1 IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 10:59 Times Seen57549 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.16	ScriptElement	1.1 kB	2023-03-07	2025-05-04
Pretty URL ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.16 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05 Last Seen2025-05-04 13:12 Times Seen132 Hash a24691c4bf1d174a305b5f7ed78b3148 deff525531ecc8c4960768437c64f31f5acf68b3 ab0cdfc06ca24973e56dd55cb9f1742df7a74024031e1f4d9e9e95ffb2c58b48 Loading...

	ticketguatemala.com/wp-content/themes/ticket-guatemala/js/all.js	ScriptElement	1.0 MB	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/wp-content/themes/ticket-guatemala/js/all.js IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 06:15 Times Seen27 Hash a4b28c53f67b8e03ec3df1b4621febba 780a2a78e2d56b931fd23bdae072208d31d1988a 6eef3c5d533d8ff19c43d6da708b03c8ab2631825bf21995a14665d8a8a9d472 Loading...

	ticketguatemala.com/	ScriptElement	3.3 kB	2023-11-11	2024-08-20
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 19:20 Last Seen2024-08-20 19:57 Times Seen5 Hash 5fbc1ba744bf47eafc39826d366cb187 0f9a2ec890420a29ae5d9dcfffcaa6ab1e6a1f59 4ec20978c2fb452404a0e01e645d445925d58c06b5e0c053b72cf1212ba51072 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/map.js	ScriptElement	73 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/map.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:32 Last Seen2023-12-06 19:49 Times Seen317 Hash 243bb45c4744cbda04a2be95db1b16dd 883795e8de2b2c4ee9dabc3193e4a20639306843 8e89cf5feaf942492d02ab197eab24ecae57af44afa54c5a19f32b80e2395740 Loading...

	ticketguatemala.com/	ScriptElement	1.0 kB	2023-03-07	2024-10-13
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-10-13 22:37 Times Seen30 Hash 0e5acf52e67188aa2c0790e14a482b0e a1e0faae3a52857714b4fc8e689a1ad299864fdc f3f71c68a1e158d3df1300f3b914a13323ed14b687cab2455ac005a36c6bcec2 Loading...

	www.googletagmanager.com/gtag/js?id=G-R7FC3EL2MJ&l=dataLayer&cx=c	ScriptElement	1.0 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-R7FC3EL2MJ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash e0d3c9c71a4264cf632a15bc76f4a5e1 9f14fa1259752ad38f252344052525ed0cfbf7b9 eaf16636b49a4e40019c7e7431551fcbcca07bde2bf47b32f4de874e6798f506 Loading...

	unknown	ScriptElement	56 kB	2023-03-07	2023-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2023-12-11 20:27 Times Seen26 Hash eb5e186ce29288630ce0716e1036aa93 ff37a6dc29a6c1c74ec67ca0f55fe327d26da278 6b19dbd4a8065d203fbc8f1c6f83bfcfcf181a2e43aeda2599eb70b3d0e050a5 Loading...

	ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick.min.js?ver=3.16.16	ScriptElement	41 kB	2023-03-07	2025-04-07
Pretty URL ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick.min.js?ver=3.16.16 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2025-04-07 14:40 Times Seen40 Hash 4d85c615332d5e23f2a0a3ea3599a79c 39e8ee2f22350d1abff782ec80f3e23aff92b5a5 d8b397b9466a43388937df98e142c322ee70679f8a2d610c462927b3660f362a Loading...

	ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery.waypoints.js?a=143	ScriptElement	18 kB	2023-04-07	2025-05-07
Pretty URL ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery.waypoints.js?a=143 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 03:13 Last Seen2025-05-07 10:45 Times Seen175 Hash 30ed3dde3def71daf53e9eb962abd1ab 32080cebe5f848c0e2aafff99986f89d76b2edd3 a9b0e6bbbb73daea003e8a334a022dac19f5b6539cce23bec4addc411b0a6e33 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js	ScriptElement	27 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08 Last Seen2023-12-06 19:49 Times Seen283 Hash a2d42fe1c670e5f02d792bf944e1908f bf8ddc906459b74128d3484bd64f47eb96b8932e 4b4ccaf9230460e41b89e77a295c73c250a869c7765a509588b013f4feeaa5a2 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po	ScriptElement	69 B	2023-03-07	2025-05-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 11:00 Times Seen116390 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	unknown	ScriptElement	8.3 kB	2023-03-07	2023-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2023-12-11 20:27 Times Seen26 Hash daa7bcc60dc33841f42b33d1202de9c4 3de6b1b36be9fe36b791ace097e33eab4f621cea a9cfafd7adf794d8c289fc1c84a37edcc93850ca7eea80ed283e4ac8d8ead4b5 Loading...

	ticketguatemala.com/	ScriptElement	169 B	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 04:51 Times Seen25 Hash 28d60b437b9e4a2b31268556060b5a2a f2ec54320b40d689f8d45255048d29bb946aa5fd 3d264f87fb1e981565283573d836dc98e7226381bd7172b4ffee2a097ca8440c Loading...

	ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1	ScriptElement	111 kB	2023-03-07	2024-10-13
Pretty URL ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2024-10-13 22:37 Times Seen30 Hash a5742574b0618148859d6222ce3cfc3e 9f41b9e5fd4a0ff2c71bbe33b81edd8c35f7fbc7 4e4a1e2eacb294e89e5d65b816f0cbacad823a3c480d90764b7d727112d9ec1a Loading...

	ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1	ScriptElement	65 kB	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 04:51 Times Seen27 Hash c67e33f83e885983fa127d661fb75656 c61e7a94b85fd2d17468d63c0a3871a945fc2b31 33e9157f2819e4b59f1d69129361e494f315d863f466ca1c1573aa1f0c4cbbed Loading...

	ticketguatemala.com/	ScriptElement	404 B	2023-03-07	2024-09-19
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-09-19 21:09 Times Seen39 Hash e2ebe7f707467788e3908a3c413b534e 806f384e3edf61f8e9d92da1e553525686fdc01c ce247da30ee8d29a6ceb71db3dd483017adbdb97f43aca43a4cb4a6da70e96d8 Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad	ScriptElement	184 kB	2023-12-01	2023-12-01
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:08 Last Seen2023-12-01 23:52 Times Seen4 Hash 0cc976f1c5345348065b0734661a5b19 1212a54039500f629d8c419f27447b2e76c23e45 69fe4deb7c7ad3e4e7add24ab8ecb60452f59768de6a85711f7671fe67338fb4 Loading...

	ticketguatemala.com/	ScriptElement	388 B	2023-03-07	2025-03-18
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2025-03-18 15:53 Times Seen37 Hash edb848904df6da6731adfbe322ddcf93 038a72a9e6c56df145cdebb1e2cfb7dcde6d927d 1e79f5d6c0e0b4476d6bdb347838fac59e7b80255899407e6a6678b93e3a91f6 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/common.js	ScriptElement	261 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/common.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 01:03 Last Seen2023-12-06 19:49 Times Seen784 Hash 9b44e2e564f70b079e48e73680228d50 21cbe8228939cccbe04d618cc62592abe8168292 862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7 Loading...

	ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/bootstrap.js	ScriptElement	115 kB	2023-03-07	2025-05-10
Pretty URL ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/bootstrap.js IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-10 20:58 Times Seen330 Hash d810a38ca2781735a27cba0625a027db 07da27bb41cf623acc959d70b9611d09c01fa5a5 71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757 Loading...

	ticketguatemala.com/	ScriptElement	1.7 kB	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 04:51 Times Seen25 Hash 5e39ed79be0845cfc52389f12f35adfa e6af7e12bae87432b146c286b4bb95c4d6b8d2e0 51673ecc4b68ff2bb5215a7e4e3c89acd8c275464f32e1b336a4c9654f791ca8 Loading...

	ticketguatemala.com/	ScriptElement	935 B	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 04:51 Times Seen25 Hash 9f8fe3049d5e255d0749f5171c0d5e2f 91ba226145e0fdb3380ead11f916130a5f6b4cdd e6b8dc02ed79e9ed63e15a964a3431fd0c4da8d93222abae912178fd7294ed7f Loading...

	ticketguatemala.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL ticketguatemala.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 11:00 Times Seen341888 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/util.js	ScriptElement	177 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/util.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 01:03 Last Seen2023-12-06 19:49 Times Seen783 Hash 90e04afddd95ef43014450cadb771307 84382d86cb0b94bebef21276b757402c80a49950 416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615 Loading...

	ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2	ScriptElement	8.2 kB	2023-03-13	2025-05-11
Pretty URL ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:32 Last Seen2025-05-11 10:26 Times Seen29751 Hash dda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Loading...

	ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/popper.min.js	ScriptElement	20 kB	2023-03-07	2025-05-02
Pretty URL ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/popper.min.js IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07 Last Seen2025-05-02 10:38 Times Seen186 Hash 84910d80281fc6b554f4ae2d14612494 af6f046adaab7e1501adee034fb7c366b8c059fc 106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0 Loading...

	ticketguatemala.com/	ScriptElement	1.3 kB	2024-08-20	2024-08-20
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash ff7fcb4698104e8e8e9bd4aa7bca4cf2 9512802c4fd4cf104f446e3febfe3f9b27aef16a 6f8bd31b8f5dccb906eb6678ff7daf295be0b0fca1a4a8ba170cc683e9a79f5b Loading...

	unknown	ScriptElement	29 kB	2023-03-07	2023-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2023-12-11 20:27 Times Seen26 Hash 64bd86b1ce810d65855c3a109560fd7c 515936eb400c632fc49d975d00c88b9a7b57ae22 de34850653caab875f9e46ee46c3ba707fb6839665d315ea1a90455383d93360 Loading...

	unknown	ScriptElement	26 kB	2023-03-07	2023-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2023-12-11 20:27 Times Seen26 Hash 1882b2cf47d04905889dbdb7903ed023 eda2c886e64854263f9072dd07c35a9516c82fe9 d3dfa5802adf9630b7c4bd2f637628f436cffb56eca632b12f7811caa0f8cc76 Loading...

	ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick-custom.min.js?ver=3.16.16	ScriptElement	3.1 kB	2023-03-07	2025-04-07
Pretty URL ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick-custom.min.js?ver=3.16.16 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2025-04-07 14:40 Times Seen37 Hash 338334dd8712e5e5f9f9f14aa3af8254 c28f963a2729697c5e5ca9e943d45e8dd0b18da8 80ba9ff0ae6bed637c7287db558b6fcdaa8f8447aab6e8d041b3c9eae500f7dd Loading...

	ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery-ui.js	ScriptElement	521 kB	2023-03-07	2025-05-10
Pretty URL ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery-ui.js IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:15 Times Seen3504 Hash ab5284de5e3d221e53647fd348e5644b 75c20acdc6cbc6334fe2b918ab7afeec007f969e 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Loading...

	ticketguatemala.com/	ScriptElement	1.3 kB	2024-08-20	2024-08-20
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 46221063674bb60c17631921a08c0268 2ce012536f6c3dbaf54da0185d259a2399ee2906 b70c6df98730392816510096080099ae61d408ef5bc7ba0ee9c718a31a2dfcaa Loading...

	ticketguatemala.com/	ScriptElement	1.3 kB	2024-08-20	2024-08-20
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash b0fba9b444553c11be191d5c74a93fcd 61a59f59000115e4366a1499cd7a72c34d397e04 824018060b15482039f361d549cdbf7bf00c45886eddbae81042532c2699a1b7 Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

	ticketguatemala.com/	ScriptElement	527 B	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 04:51 Times Seen26 Hash 5e393a56aea20c178834d5264d190d9f 7c993cdaa0be0f591f0591763975257e535561eb 5ce3d657195dece43bb91ad50cf531819d27b0a3d7c3f7b792431d3fad92cd30 Loading...

	ticketguatemala.com/	ScriptElement	772 B	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 04:51 Times Seen29 Hash 88752722ca6f313366fb4ac7a5e47b59 fbaaeaf266e2357736c8644cf1dab978e84b5506 a3cdf3434e408d7cddeaf6e32a8979d4891f06429ebb9634230ff40484fefb8c Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 11:00 Times Seen341086 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 11:00 Times Seen4653607 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/log.js	ScriptElement	33 kB	2023-12-01	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/log.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:08 Last Seen2023-12-06 10:50 Times Seen7 Hash cb2b042885604611e30ae0ec6140c9ce 51928801e4bf03ee47fc9a7bbe6f8cd29580291b 2909c7558041cdd5fec60833c2f3b147eb3928785fbe6e9b88400b6c68771620 Loading...

	ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.16	ScriptElement	1.4 kB	2023-03-07	2025-05-04
Pretty URL ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.16 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05 Last Seen2025-05-04 13:12 Times Seen127 Hash 82ecd80a230f5845e8a1859e606ff600 9e3298b409824a8c1031ca2fabba5b1973cd8384 ed5b0f10d76535a66cf69210fb0656ada3621dc0eaad98f13dc37eed471cb728 Loading...

	ticketguatemala.com/wp-content/themes/ticket-guatemala/js/scripts.js?a=143	ScriptElement	1.9 kB	2023-03-07	2023-12-11
Pretty URL ticketguatemala.com/wp-content/themes/ticket-guatemala/js/scripts.js?a=143 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2023-12-11 20:27 Times Seen25 Hash db158fad3382915ab0a5b6264e4c645a 755072692c664f5a1e48e0fd2f17c670615dfb8a e4eada69f44135cb117e78237d257085e709fddee7ab90b842cc6fddc860cee0 Loading...

	ticketguatemala.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7	ScriptElement	13 kB	2023-03-29	2025-05-10
Pretty URL ticketguatemala.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:17 Last Seen2025-05-10 22:52 Times Seen12562 Hash 5bc2b1fa970f9cecb3c30c0c92c98271 7c6bb87aaa24714b7b3b3c86dd932736a80270a9 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e Loading...

	www.google.com/recaptcha/api.js?render=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&ver=3.0	ScriptElement	884 B	2023-11-23	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?render=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&ver=3.0 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 09:40 Last Seen2024-08-20 18:11 Times Seen6 Hash a194131ce4afad73fe0478d01604ad89 7c0077e73bbc4d6ff45d4b9a1f02f6c1bd341390 247ad406f7835e0362116a81be21424684af976a3d2adcd9501d45b349c45286 Loading...

	ticketguatemala.com/	ScriptElement	133 B	2023-07-14	2024-08-21
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-14 08:19 Last Seen2024-08-21 04:51 Times Seen25 Hash b688f10bc05b7f4c536d4bed34c5c7f5 3dcb27870e9d2b6b51d2f942370e1bfecd86f9e6 1cd701efe418bcc1a2ef7c5c040e727a38781703456ac27a8674fd5b30eda406 Loading...

	ticketguatemala.com/	ScriptElement	167 B	2023-03-07	2024-08-21
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2024-08-21 04:51 Times Seen25 Hash 9b660ac4075f15b0572eefce0cc4e27b 9f7cac3c9385657d916ac66e029609143fe4defc b3d103c53ba783e658758befd2fd54fd7604a9a09248548785b6949a00b1c132 Loading...

	www.googletagmanager.com/gtag/js?id=UA-117943913-1	ScriptElement	192 kB	2023-12-01	2023-12-01
Pretty URL www.googletagmanager.com/gtag/js?id=UA-117943913-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:08 Last Seen2023-12-01 19:08 Times Seen1 Hash 5562f412888bc5972747243b7fa489fe 4d76041de4a1f0408abf21b718b682880fd45015 72a6c6d07e004c1c9d60e02522631d9621d5f4e0787942c5c9b07e09ded2507c Loading...

	ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	ScriptElement	115 kB	2023-11-03	2025-05-10
Pretty URL ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-10 18:00 Times Seen9665 Hash 9a98016751e498c06d434cc022ca1a44 6aa9af5fe436eab9c313de9f0bea072c04637624 da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8 Loading...

	ticketguatemala.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0	ScriptElement	6.6 kB	2023-11-03	2025-05-10
Pretty URL ticketguatemala.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-10 18:00 Times Seen16994 Hash fd7ef2e4737acd74fd0dcdc3b515e304 0d792b33f12a48ee8aaaf2560a63a5682470645b 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c Loading...

	ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/content-box.min.js?ver=3.16.16	ScriptElement	1.8 kB	2023-03-07	2025-01-10
Pretty URL ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/content-box.min.js?ver=3.16.16 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2025-01-10 20:36 Times Seen40 Hash d27c232074bc4cb0163435b9304e4355 188f37c32fde29c1de5436441648c40e4ca3d872 7acfbf7a478c51dd873d4479570a8717bf08b03153b457a74939c337d4541219 Loading...

	ticketguatemala.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7	ScriptElement	13 kB	2023-03-07	2025-05-10
Pretty URL ticketguatemala.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-05-10 20:58 Times Seen242 Hash c8bdfc99c3ad3718bbe2e93ee25f2db5 722bc6b1a4fdeae2440d71072d1499cfb0583c34 ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7 Loading...

	maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js	ScriptElement	232 kB	2023-11-30	2023-12-06
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08 Last Seen2023-12-06 19:49 Times Seen268 Hash 0f250ad3a2691ddbd832b75bca4a44be 23e54c1b4cb0c03b4f17d1f56ea74ae74925d60e 40c4591ccf3a569b4db8a939842cefcff28dd8b74d2a1fab68591d7e0c7bbc7e Loading...

	ticketguatemala.com/	ScriptElement	87 B	2023-03-07	2025-05-11
Pretty URL ticketguatemala.com/ IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-05-11 11:00 Times Seen6997 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	ticketguatemala.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7	ScriptElement	999 B	2023-03-07	2025-05-11
Pretty URL ticketguatemala.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-05-11 09:54 Times Seen2687 Hash 6a0e8318d42803736d2fafcc12238026 c955314a7e0a9a9871329b0f042c8f0b5df49a78 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po	ScriptElement	52 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash b37584fa34f49263268dc91d79e1f2f0 68e7acc2323bf3b6f5036085d5ce5089989f7f57 f93fabacabfbaf2361af7efd1947e09cb1d438a6b12de862684b4ab35202c4cd Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js	ScriptElement	3.1 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08 Last Seen2023-12-06 19:49 Times Seen244 Hash 8a50e9517370067b769dfec46e31ae66 55d249979875100ad3d8bbb6b7b0f7b02d280346 0e8c45740f76c7936f760b7ac176a2517c8b6d176231f3d541d67321f9eeea45 Loading...

	ticketguatemala.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7	ScriptElement	10 kB	2023-03-29	2025-05-10
Pretty URL ticketguatemala.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:17 Last Seen2025-05-10 22:52 Times Seen5617 Hash 7be65ac27024c7b5686f9d7c49690799 241ada4a86443adc5623d1a3a8018a96d9de6d5a 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84 Loading...

	ticketguatemala.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7	ScriptElement	20 kB	2023-03-07	2025-05-10
Pretty URL ticketguatemala.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7 IP 69.175.102.130 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 17:59 Times Seen595 Hash 9d22f9409c43e4abec30c88531a5c5df 277c5fa5e6412254b72c12d4cdbc8a8063c2f854 2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js	ScriptElement	3.4 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08 Last Seen2023-12-06 19:49 Times Seen268 Hash 59f3386eebf333dba7982e068e01b797 1f2099e6adddee067e3f2349f27b059d5dd38537 57b27ca34a0a4f104113f302a891f3b0c37fd849b34512e9e52e0084d0523516 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 69a9f847ba010701693104aba685c21d	23 kB	2024-08-20 17:09	2024-08-20 17:09
Pretty Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 69a9f847ba010701693104aba685c21d a294c9258dc8f98f83a4b896d4655c7c007ea008 e3066c8eff95ca9d595c7911eebcc2726d66799e44db5012356e2dd10ad065c7 Loading...

	#2 Eval - a6e63655cf53028fde49ad2dea63ba8c	22 B	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2434 Hash a6e63655cf53028fde49ad2dea63ba8c 15f5f5baa58633fca42ff77e3a1c4a4970263ce4 5ff8f2431dc587e0315fb8ee39864fce7b5302f97fa95dcea284f181051e1b0b Loading...

	#3 Eval - 86fb57c70ef7d70326609c71cd43927c	17 kB	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2433 Hash 86fb57c70ef7d70326609c71cd43927c aec6755b7f02d203affa5a6d3c9f2f8cc02e771a cebccfc98253a8fd5ee42a5467a15577f96302c6218f13ef74e5feeda9131e20 Loading...

	#4 Eval - b8ef0c626a3799d61c2f5dfb72c83026	22 B	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2429 Hash b8ef0c626a3799d61c2f5dfb72c83026 998bdbd8494bcca0c83c7908943f57fe73d997c7 abf66c99bd5fc27402a011915567ef30148f986e622d8cf7d1e7151353ddc8de Loading...

	#5 Eval - 628db24acc009d86f2438167bb5313dc	64 B	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2436 Hash 628db24acc009d86f2438167bb5313dc 8fbaee6a7b0d206711008ff0fbe43f120c5e109a a507aca4961371f71975d2a64e3897947cd0f0e86beefeb863e486192d0c7b62 Loading...

HTTP Transactions (111)

URL IP Response Size

ticketguatemala.com/hoja-de-respuestas-kostick-pdf-free/

69.175.102.130

302 Found

0 B

URL User Request GET HTTP/2
ticketguatemala.com/hoja-de-respuestas-kostick-pdf-free/
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hoja-de-respuestas-kostick-pdf-free/ HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ticketguatemala.com
content-length: 0
date: Fri, 01 Dec 2023 18:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ticketguatemala.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7

69.175.102.130

200 OK

878 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text
Size
878 B (878 bytes)
Hash
0e4a098f3f6e3faede64db8b9da80ba2
65b9b3c849f3fbdd783ddbfb183616ff55c7ee53
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 11 Jul 2023 21:05:40 GMT
etag: "064adc424-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 878
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/css/bootstrap.css

69.175.102.130

200 OK

20 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/css/bootstrap.css
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text
Size
20 kB (20425 bytes)
Hash
d59729439a203fc474f5677b8d18d8bb
2ce613073db4961ad118ac063421eb62cefc426e
8c1a4c25634d5841924aab1848acc9dcbc3d5672183053c8b71ff2139b65d7c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/bootstrap/css/bootstrap.css HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 19 Feb 2019 14:34:52 GMT
etag: "05c6c140c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20425
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/style.css?v=800

69.175.102.130

200 OK

4.7 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/style.css?v=800
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text
Size
4.7 kB (4665 bytes)
Hash
776e550c09a3ec23a6306fcd0f371b40
53bc390b0bdc4e1999b37a6fcc69fa2eec6070dc
ce565125a8407c1dfac285f178d899ccaea341df61c051ac12c34e17852b23a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/style.css?v=800 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2019 14:19:19 GMT
etag: "05c8bb467-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4665
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7

69.175.102.130

200 OK

2.9 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (10241), with no line terminators
Size
2.9 kB (2894 bytes)
Hash
7be65ac27024c7b5686f9d7c49690799
241ada4a86443adc5623d1a3a8018a96d9de6d5a
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 11 Jul 2023 21:05:40 GMT
etag: "064adc424-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2894
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

69.175.102.130

200 OK

14 kB

URL GET HTTP/3
ticketguatemala.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (57084)
Size
14 kB (13607 bytes)
Hash
99ab466e0866c823ae5db517d59cebd1
5595a586cbd42b31377681b9d35293278d75d336
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Wed, 08 Nov 2023 07:19:01 GMT
etag: "0654b3665-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13607
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=6.4.1

142.250.74.42

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=6.4.1
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js?ver=6.4.1 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:59:20 GMT
expires: Fri, 29 Nov 2024 05:59:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 130108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ticketguatemala.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1

69.175.102.130

200 OK

6.9 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (29701), with CRLF, CR line terminators
Size
6.9 kB (6870 bytes)
Hash
7185f3e60081413853223cf98b516849
0fd5a03b8d3af0bf1689da079d5081baf5a863fd
205bc92483f9fad148adf5dfd3171cf713614f10738dc71d018cb4fbc5de3b18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6870
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

www.googletagmanager.com/gtag/js?id=UA-117943913-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-117943913-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69100 bytes)
Hash
5562f412888bc5972747243b7fa489fe
4d76041de4a1f0408abf21b718b682880fd45015
72a6c6d07e004c1c9d60e02522631d9621d5f4e0787942c5c9b07e09ded2507c

HTTP Headers

GET /gtag/js?id=UA-117943913-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 18:07:48 GMT
expires: Fri, 01 Dec 2023 18:07:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ticketguatemala.com/wp-content/themes/ticket-guatemala/css/animate.css

69.175.102.130

302 Found

0 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/css/animate.css
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/css/animate.css HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ticketguatemala.com
content-length: 0
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/css/icons.css?v=1062

69.175.102.130

302 Found

0 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/css/icons.css?v=1062
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/css/icons.css?v=1062 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ticketguatemala.com
content-length: 0
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

ticketguatemala.com/wp-content/themes/ticket-guatemala/css/jquery-ui.css

69.175.102.130

302 Found

0 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/css/jquery-ui.css
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/css/jquery-ui.css HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ticketguatemala.com
content-length: 0
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7

69.175.102.130

200 OK

42 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41860 bytes)
Hash
1d631ff6e5e0c48d06c17e294924c762
94d01897df7c13fd9d5eef562dca4873488cc9d4
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Wed, 20 Feb 2019 21:06:12 GMT
etag: "05c6dc144-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 41860
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/css/icons.css?ver=3.16.16

69.175.102.130

200 OK

399 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/css/icons.css?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with CRLF line terminators
Size
399 B (399 bytes)
Hash
d1bf2259b160993796fa278c4a652c72
1c19c51cd93f6bb7243b486b5dc7d7ecd4111b75
e18a7e7c066be5b361790012308feff237d8d95a175feee93f5304efbaf1651c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/css/icons.css?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 29 Aug 2017 18:35:00 GMT
etag: "059a5b3d4-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 399
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/slick.min.css?ver=3.16.16

69.175.102.130

200 OK

1.3 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/slick.min.css?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Unicode text, UTF-8 text, with very long lines (5873), with no line terminators
Size
1.3 kB (1341 bytes)
Hash
9e8851331f2d9dcc8138b66061485dbe
eefe09d4e3f0a726cb8eb23eff73a0e335e30377
08f9294ce040b6e950f5db0097ba81c6324da28898040b1d68fce6f24c500f6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/slick.min.css?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 29 Aug 2017 18:35:02 GMT
etag: "059a5b3d6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1341
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.16

69.175.102.130

200 OK

2.6 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (13120), with no line terminators
Size
2.6 kB (2589 bytes)
Hash
67385345a1395ce7c2c7202a63891eb8
a2cbbe857d54e0c2da234a63652fda5117a50832
55353f4713fab9442fe0da38dfa31dc6cb42cb8a292eff287bb3e148f3c70918

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 29 Aug 2017 18:35:02 GMT
etag: "059a5b3d6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2589
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/content-box.min.css?ver=3.16.16

69.175.102.130

200 OK

148 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/content-box.min.css?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (527), with no line terminators
Size
148 B (148 bytes)
Hash
2b3999f7f11f2d5f6429f4b157167af5
7cade342040be3e5a38567c42d6a235397382a57
471305053bd0c57130556ddb916a7a2e971657dc03c2ac2dc05155c6883fa4be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/content-box.min.css?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 29 Aug 2017 18:35:00 GMT
etag: "059a5b3d4-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 148
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.4.1

69.175.102.130

200 OK

4.5 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.4.1
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (27639), with no line terminators
Size
4.5 kB (4453 bytes)
Hash
36ea4805809e6b690c2f5126a0808297
4531470deab3efd0b8499f29a323a1b45f0efced
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.4.1 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 19 Feb 2019 14:18:39 GMT
etag: "05c6c103f-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4453
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.16.16

69.175.102.130

200 OK

5.3 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (64385), with CRLF line terminators
Size
5.3 kB (5315 bytes)
Hash
9de78c593950f1caca6e6068cb353f92
707dbccc34027929a9bbef5f4a16cb8dc38f4d27
fdf1f6b74140e75ff45ecec7fe84540a6c0c2f307946e99cddb1d70da6811654

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: text/css
last-modified: Tue, 29 Aug 2017 18:35:00 GMT
etag: "059a5b3d4-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5315
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1

69.175.102.130

200 OK

37 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (27287), with CRLF, CR line terminators
Size
37 kB (37073 bytes)
Hash
a5742574b0618148859d6222ce3cfc3e
9f41b9e5fd4a0ff2c71bbe33b81edd8c35f7fbc7
4e4a1e2eacb294e89e5d65b816f0cbacad823a3c480d90764b7d727112d9ec1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37073
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.16

69.175.102.130

200 OK

443 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
HTML document, ASCII text, with very long lines (1112), with no line terminators
Size
443 B (443 bytes)
Hash
a24691c4bf1d174a305b5f7ed78b3148
deff525531ecc8c4960768437c64f31f5acf68b3
ab0cdfc06ca24973e56dd55cb9f1742df7a74024031e1f4d9e9e95ffb2c58b48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 29 Aug 2017 18:35:10 GMT
etag: "059a5b3de-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 443
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1

69.175.102.130

200 OK

17 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (64561), with CRLF, CR line terminators
Size
17 kB (17286 bytes)
Hash
c67e33f83e885983fa127d661fb75656
c61e7a94b85fd2d17468d63c0a3871a945fc2b31
33e9157f2819e4b59f1d69129361e494f315d863f466ca1c1573aa1f0c4cbbed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17286
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick.min.js?ver=3.16.16

69.175.102.130

200 OK

9.8 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick.min.js?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (31975)
Size
9.8 kB (9766 bytes)
Hash
4d85c615332d5e23f2a0a3ea3599a79c
39e8ee2f22350d1abff782ec80f3e23aff92b5a5
d8b397b9466a43388937df98e142c322ee70679f8a2d610c462927b3660f362a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick.min.js?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 29 Aug 2017 18:35:10 GMT
etag: "059a5b3de-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9766
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.16

69.175.102.130

200 OK

565 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (1430), with no line terminators
Size
565 B (565 bytes)
Hash
82ecd80a230f5845e8a1859e606ff600
9e3298b409824a8c1031ca2fabba5b1973cd8384
ed5b0f10d76535a66cf69210fb0656ada3621dc0eaad98f13dc37eed471cb728

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 29 Aug 2017 18:35:08 GMT
etag: "059a5b3dc-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 565
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick-custom.min.js?ver=3.16.16

69.175.102.130

200 OK

747 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick-custom.min.js?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
HTML document, ASCII text, with very long lines (3133), with no line terminators
Size
747 B (747 bytes)
Hash
338334dd8712e5e5f9f9f14aa3af8254
c28f963a2729697c5e5ca9e943d45e8dd0b18da8
80ba9ff0ae6bed637c7287db558b6fcdaa8f8447aab6e8d041b3c9eae500f7dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/slick-custom.min.js?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 29 Aug 2017 18:35:10 GMT
etag: "059a5b3de-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 747
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/bootstrap.js

69.175.102.130

200 OK

19 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/bootstrap.js
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (315)
Size
19 kB (19175 bytes)
Hash
d810a38ca2781735a27cba0625a027db
07da27bb41cf623acc959d70b9611d09c01fa5a5
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/bootstrap/js/bootstrap.js HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 19 Feb 2019 14:36:02 GMT
etag: "05c6c1452-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19175
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/popper.min.js

69.175.102.130

200 OK

7.0 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/bootstrap/js/popper.min.js
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (20363)
Size
7.0 kB (7007 bytes)
Hash
84910d80281fc6b554f4ae2d14612494
af6f046adaab7e1501adee034fb7c366b8c059fc
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/bootstrap/js/popper.min.js HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 19 Feb 2019 14:36:14 GMT
etag: "05c6c145e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7007
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/js/scripts.js?a=143

69.175.102.130

200 OK

591 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/js/scripts.js?a=143
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (378)
Size
591 B (591 bytes)
Hash
db158fad3382915ab0a5b6264e4c645a
755072692c664f5a1e48e0fd2f17c670615dfb8a
e4eada69f44135cb117e78237d257085e709fddee7ab90b842cc6fddc860cee0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/js/scripts.js?a=143 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 01:08:11 GMT
etag: "05c7dcbfb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 591
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery.waypoints.js?a=143

69.175.102.130

200 OK

3.5 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery.waypoints.js?a=143
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Unicode text, UTF-8 text
Size
3.5 kB (3505 bytes)
Hash
1115c65bd62165d952fac7c1b6918b2a
cae1eda71e047a12a2dddaa77a4acac54f6b2cb2
d1e3b0a0cf077e2b2d51e3d28a36273bb1fa5b03db541b5e708a9637b39b8d6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/js/jquery.waypoints.js?a=143 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 19 Feb 2019 14:34:34 GMT
etag: "05c6c13fa-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3505
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/js/all.js

69.175.102.130

200 OK

353 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/js/all.js
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (3394)
Size
353 kB (353013 bytes)
Hash
a4b28c53f67b8e03ec3df1b4621febba
780a2a78e2d56b931fd23bdae072208d31d1988a
6eef3c5d533d8ff19c43d6da708b03c8ab2631825bf21995a14665d8a8a9d472

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/js/all.js HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 19 Feb 2019 14:34:35 GMT
etag: "05c6c13fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 353013
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/logo.svg

69.175.102.130

200 OK

5.2 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/logo.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (20937), with no line terminators
Size
5.2 kB (5197 bytes)
Hash
9c7d6336fec7d13fc167f1bd1900ff11
b553f409e1553799efcf29b9c645b55901967d06
9f697d731ce321a84f196f22e56055eec8efe67c92b6e6bcc40e63c04bbe60b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/logo.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Wed, 20 Feb 2019 16:27:41 GMT
etag: "05c6d7ffd-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5197
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/fb.svg

69.175.102.130

200 OK

240 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/fb.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (347), with no line terminators
Size
240 B (240 bytes)
Hash
41829429b4ed41c42eaca6c0383fade2
7d65a9c4c08e72c996ac01ede2f04606a8eacf91
ee67c706b0d5739dca527a5a5a7a1d4a7461c2116be56228d376311129853692

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/fb.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Wed, 20 Feb 2019 16:27:19 GMT
etag: "05c6d7fe7-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 240
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/tw.svg

69.175.102.130

200 OK

369 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/tw.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (669), with no line terminators
Size
369 B (369 bytes)
Hash
2931c90f359902d3061f1f7239d04f7a
a62c625a0af77eeabb0e91f88c7a522f98b3e310
17cf0acbef47f96e39e8ff533f9310017bc89762441870aa63460e95252e21bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/tw.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Wed, 20 Feb 2019 16:27:56 GMT
etag: "05c6d800c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 369
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/ins.svg

69.175.102.130

200 OK

304 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/ins.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (621), with no line terminators
Size
304 B (304 bytes)
Hash
cd5d6f5f420c3c15098636d47a64a581
64db72a274021bb72576bf7304a41cc3174d6ee0
291caa83137ce9efc96751f104a22dd81671180ed960ff11977d5efe28d854d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/ins.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Feb 2019 14:10:59 GMT
etag: "05c6eb173-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 304
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery-ui.js

69.175.102.130

200 OK

121 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/js/jquery-ui.js
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (1002)
Size
121 kB (120945 bytes)
Hash
ab5284de5e3d221e53647fd348e5644b
75c20acdc6cbc6334fe2b918ab7afeec007f969e
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/js/jquery-ui.js HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 19 Feb 2019 14:34:31 GMT
etag: "05c6c13f7-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 120945
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7

69.175.102.130

200 OK

3.9 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
HTML document, ASCII text, with very long lines (12943), with no line terminators
Size
3.9 kB (3918 bytes)
Hash
5bc2b1fa970f9cecb3c30c0c92c98271
7c6bb87aaa24714b7b3b3c86dd932736a80270a9
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 11 Jul 2023 21:05:40 GMT
etag: "064adc424-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3918
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

69.175.102.130

200 OK

35 kB

URL GET HTTP/3
ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
35 kB (34605 bytes)
Hash
9a98016751e498c06d434cc022ca1a44
6aa9af5fe436eab9c313de9f0bea072c04637624
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 07:19:01 GMT
etag: "0654b3665-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34605
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7

69.175.102.130

200 OK

439 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (999), with no line terminators
Size
439 B (439 bytes)
Hash
6a0e8318d42803736d2fafcc12238026
c955314a7e0a9a9871329b0f042c8f0b5df49a78
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 11 Jul 2023 21:05:40 GMT
etag: "064adc424-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 439
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/content-box.min.js?ver=3.16.16

69.175.102.130

200 OK

609 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/content-box.min.js?ver=3.16.16
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (1800), with no line terminators
Size
609 B (609 bytes)
Hash
d27c232074bc4cb0163435b9304e4355
188f37c32fde29c1de5436441648c40e4ca3d872
7acfbf7a478c51dd873d4479570a8717bf08b03153b457a74939c337d4541219

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/content-box.min.js?ver=3.16.16 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 29 Aug 2017 18:35:06 GMT
etag: "059a5b3da-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 609
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/revslider/admin/assets/images/transparent.png

69.175.102.130

200 OK

71 B

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/admin/assets/images/transparent.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Size
71 B (71 bytes)
Hash
753f6c59bbe7913f21576b58b193bc5a
b3e3885f69e401b3a320010ff7a40dd19768fe3b
8ea078292393a14a8e44be139a7fa6ed09d9c650e210eccca587045239b71cab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/admin/assets/images/transparent.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Thu, 19 Oct 2017 23:18:10 GMT
etag: "059e932b2-0;;;"
accept-ranges: bytes
content-length: 71
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/slider4.png

69.175.102.130

200 OK

379 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/slider4.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 1462 x 750, 8-bit colormap, non-interlaced\012- data
Size
379 kB (378552 bytes)
Hash
f46691baeb98156d1ad1e8f231481ba3
ea6ef71d56d85098c3fdc6b652aea4bdf8e736d2
08031ce59300c52a64599409ed460f164682449b67a3c4a55ecb2f7b20306e4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/slider4.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 21:58:41 GMT
etag: "05c804291-0;;;"
accept-ranges: bytes
content-length: 378552
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/slider2.png

69.175.102.130

200 OK

384 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/slider2.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 1462 x 750, 8-bit colormap, non-interlaced\012- data
Size
384 kB (384337 bytes)
Hash
ae0194989de3c3bcb183361431ecf9d7
08feffc93e69258e32fa67fb054d32445bc6711d
b5e0808c9cbb4f247ebb7fc674da83c4ff3beb570df0903d94cfbe7c44949d1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/slider2.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 21:56:18 GMT
etag: "05c804202-0;;;"
accept-ranges: bytes
content-length: 384337
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/ham.jpg

69.175.102.130

200 OK

124 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/ham.jpg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1032x774, components 3\012- data
Size
124 kB (123626 bytes)
Hash
121cb72fbb695f56ea9a5b60a4fc3c3e
d145a5f524d337313eb5d8e9ea75ae3a2e8d9f6a
951df0c6d356eb28cab5c9f84ead0dc2e7cbda4df662b54cfb1a63639c3831cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/ham.jpg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/jpeg
last-modified: Thu, 16 Jul 2020 23:34:53 GMT
etag: "05f10e41d-0;;;"
accept-ranges: bytes
content-length: 123626
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/codo-desprendible.png

69.175.102.130

200 OK

126 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/codo-desprendible.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 359 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
126 kB (126373 bytes)
Hash
eebd737b5cff8e7298fa2d0b1d6e703a
75225da55a80403d6826cc71e91839731f98fb8d
8aac43e9458884c04a08bc3a9f3bc6df1512f6b60a66c680218bff953c74afe4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/codo-desprendible.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 18:24:52 GMT
etag: "05c801074-0;;;"
accept-ranges: bytes
content-length: 126373
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/NEGRO.jpg

69.175.102.130

200 OK

63 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/NEGRO.jpg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 586x586, components 3\012- data
Size
63 kB (63356 bytes)
Hash
1f7ed0cf497ad1efd837f55b7bae4314
e3547fddbebce0f488fac92d1b2941c1e98e56ac
b9ef591c67d2314c0179233c8661f82834007c67d105ab74a3470604e4ca0237

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/NEGRO.jpg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/jpeg
last-modified: Mon, 03 Feb 2020 02:18:03 GMT
etag: "05e3782db-0;;;"
accept-ranges: bytes
content-length: 63356
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

69.175.102.130

200 OK

2.3 kB

URL GET HTTP/3
ticketguatemala.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (8171), with no line terminators
Size
2.3 kB (2320 bytes)
Hash
dda652db133fddb9b80a05c6d1b5c540
60c8514c57a5db2980c4b046b0dd479bd427357b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Tue, 11 Jul 2023 21:07:04 GMT
etag: "064adc478-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2320
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

69.175.102.130

200 OK

2.4 kB

URL GET HTTP/3
ticketguatemala.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (6625), with no line terminators
Size
2.4 kB (2402 bytes)
Hash
fd7ef2e4737acd74fd0dcdc3b515e304
0d792b33f12a48ee8aaaf2560a63a5682470645b
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 07:19:01 GMT
etag: "0654b3665-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2402
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticketguatemala.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:53:07 GMT
expires: Fri, 29 Nov 2024 04:53:07 GMT
cache-control: public, max-age=31536000
age: 134082
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/fb_footer.svg

69.175.102.130

200 OK

267 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/fb_footer.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (419), with no line terminators
Size
267 B (267 bytes)
Hash
ee439aac6f7c807f7ad51ae89c47506c
18528d536f072eb812dda0437c3648a7f705719c
b25453c73cc800298bf162a5faaf806c6b606addfd39b1f1eb0b092313372ed6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/fb_footer.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Wed, 20 Feb 2019 16:27:26 GMT
etag: "05c6d7fee-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 267
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/tw_footer.svg

69.175.102.130

200 OK

400 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/tw_footer.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (755), with no line terminators
Size
400 B (400 bytes)
Hash
65bccdb783614580e6854ddd424e3696
eb31234df8a6378cc283e0c36ae4c59534f1a205
9b86817531cde1dd8bec722c9b6a4ef38db84738727e363f8d3bb4d92dc89ced

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/tw_footer.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Wed, 20 Feb 2019 16:28:02 GMT
etag: "05c6d8012-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 400
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/ins_footer.svg

69.175.102.130

200 OK

332 B

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/ins_footer.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (703), with no line terminators
Size
332 B (332 bytes)
Hash
7ee1b9069fd214e2d3cee578756f2f6b
6969f368c78f49e841d058e1a98688dc6a08db34
dcb0286378703c012a5989d7bb85c2cb92ea8c4a5b67295053c85dfa4953b060

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/ins_footer.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Wed, 20 Feb 2019 16:27:33 GMT
etag: "05c6d7ff5-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 332
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7

69.175.102.130

200 OK

5.4 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (19706), with no line terminators
Size
5.4 kB (5387 bytes)
Hash
9d22f9409c43e4abec30c88531a5c5df
277c5fa5e6412254b72c12d4cdbc8a8063c2f854
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Wed, 20 Feb 2019 21:07:30 GMT
etag: "05c6dc192-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5387
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7

69.175.102.130

200 OK

5.4 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (12478)
Size
5.4 kB (5426 bytes)
Hash
c8bdfc99c3ad3718bbe2e93ee25f2db5
722bc6b1a4fdeae2440d71072d1499cfb0583c34
ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: application/javascript
last-modified: Wed, 20 Feb 2019 21:12:53 GMT
etag: "05c6dc2d5-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5426
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/Brazaletes-Tyvek.png

69.175.102.130

200 OK

123 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/Brazaletes-Tyvek.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 359 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
123 kB (122577 bytes)
Hash
2d28f3d124d4935cb033f890c787a697
a093cb54a144e19e5207416c49e04d66b52e2633
1af6759a87f7a6b1809ac2685c665c12ef2b9f6d48bee4d5ea42781da3941530

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/Brazaletes-Tyvek.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 18:27:00 GMT
etag: "05c8010f4-0;;;"
accept-ranges: bytes
content-length: 122577
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/Brazaletes-Tyvek-con-codo-desprendible.png

69.175.102.130

200 OK

130 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/Brazaletes-Tyvek-con-codo-desprendible.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 359 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
130 kB (129550 bytes)
Hash
14c6028573857a0af182f44845911b1b
a8d79cd9a082ecaee0e4a37544f04d6a69b9f297
b0ddf3af69c69520ab559b73031eff88bfa602509dd40bb4f3f858a930476bf8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/Brazaletes-Tyvek-con-codo-desprendible.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 18:26:16 GMT
etag: "05c8010c8-0;;;"
accept-ranges: bytes
content-length: 129550
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/fonts/original_Quicksand-Medium.woff

69.175.102.130

200 OK

53 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/fonts/original_Quicksand-Medium.woff
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Web Open Font Format, TrueType, length 53204, version 3.0\012- data
Size
53 kB (53204 bytes)
Hash
87d0c3df964429e486400ca045ccc9c8
4734dbec7450e7bea5953f9a10c051e53d28c4e6
b0653e8e6aa2af6dc2cf343895477a4e1999489f3f98b4c0a980eaf33eaef40f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/fonts/original_Quicksand-Medium.woff HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/wp-content/themes/ticket-guatemala/style.css?v=800
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: font/woff
last-modified: Wed, 20 Feb 2019 18:16:07 GMT
etag: "05c6d9967-0;;;"
accept-ranges: bytes
content-length: 53204
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/fonts/original_Ubuntu-B.woff

69.175.102.130

200 OK

113 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/fonts/original_Ubuntu-B.woff
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Web Open Font Format, TrueType, length 112672, version 0.80\012- data
Size
113 kB (112672 bytes)
Hash
ac90cca25174d0d1dabe34d12dd43512
7d5a057920f559c34a496efdebe5a53431381548
041cf81fdec4d8ab10648401ebf067e688442e2068c3b80bd93d96c1f282cdf4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/fonts/original_Ubuntu-B.woff HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/wp-content/themes/ticket-guatemala/style.css?v=800
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: font/woff
last-modified: Wed, 20 Feb 2019 18:16:21 GMT
etag: "05c6d9975-0;;;"
accept-ranges: bytes
content-length: 112672
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/02/tickets-peque%C3%B1o.png

69.175.102.130

200 OK

101 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/02/tickets-peque%C3%B1o.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 359 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
101 kB (100691 bytes)
Hash
ed5fa7492b5f0a95b57b3e13ea089ee9
42c40b180a13aba3efc8a5d14b1a942002233312
b4c9db3b1658242179fe226b5afd1127b43fea5b2c43035a307913ec17767533

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/02/tickets-peque%C3%B1o.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Thu, 21 Feb 2019 15:07:39 GMT
etag: "05c6ebebb-0;;;"
accept-ranges: bytes
content-length: 100691
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2020/01/FOTO.jpg

69.175.102.130

200 OK

155 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2020/01/FOTO.jpg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x960, components 3\012- data
Size
155 kB (154903 bytes)
Hash
0801d8d0a465fa92780030733522d47f
951081e789e06f0c648ee739dc8cc8d697523a00
7043bd51d5d8fb22e69ff1794437f53fa21b520358c19ca3496e8f4fd01d7025

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/01/FOTO.jpg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/jpeg
last-modified: Fri, 03 Jan 2020 21:02:42 GMT
etag: "05e0fabf2-0;;;"
accept-ranges: bytes
content-length: 154903
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2022/01/D_886214-MLM43231152423_082020-O.jpg

69.175.102.130

200 OK

77 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2022/01/D_886214-MLM43231152423_082020-O.jpg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
JPEG image data, baseline, precision 8, 500x500, components 3\012- data
Size
77 kB (76707 bytes)
Hash
5d06e3d4a5bb8091d6648f8c03ed98f7
2b2107d795e4117faac2be6db64e036153eb155c
8829a6ae5f81aa4bb9289af6931e2aacbfb6487f9aac07ce7356c4b59d6f3b49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/01/D_886214-MLM43231152423_082020-O.jpg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/jpeg
last-modified: Mon, 17 Jan 2022 16:39:38 GMT
etag: "061e59bca-0;;;"
accept-ranges: bytes
content-length: 76707
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2021/10/3de3c31e-0ddd-418a-aded-3eb3a37978f3.jpg

69.175.102.130

200 OK

147 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2021/10/3de3c31e-0ddd-418a-aded-3eb3a37978f3.jpg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 880x605, components 3\012- data
Size
147 kB (146908 bytes)
Hash
4f432a5b7c2db2ab1ff3d31367819918
4eadd311d9071b23ab955dc735538cf807a7f7ab
eeb5fb30ae03eeb5896ed37eedddbb886a0cb708da336e1e3d4bd67f8f35bd1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/10/3de3c31e-0ddd-418a-aded-3eb3a37978f3.jpg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/jpeg
last-modified: Tue, 12 Oct 2021 02:13:08 GMT
etag: "06164ef34-0;;;"
accept-ranges: bytes
content-length: 146908
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/images/logo_blanco.svg

69.175.102.130

200 OK

4.9 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/images/logo_blanco.svg
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (19002), with no line terminators
Size
4.9 kB (4939 bytes)
Hash
b8f27fb78cf18fb8fde38f58e1fae79b
b7363c19264cca6f7a01417e6e172b9e29e6eeda
506b02da4de7f0fc6e086661bbcb0c98a5743e160b6eb4df95ae10d6861e82ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/images/logo_blanco.svg HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/svg+xml
last-modified: Wed, 20 Feb 2019 16:27:45 GMT
etag: "05c6d8001-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4939
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/slider1.png

69.175.102.130

200 OK

325 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/slider1.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 1462 x 750, 8-bit colormap, non-interlaced\012- data
Size
325 kB (325384 bytes)
Hash
23dd8552e5b36d659244ffc7bcaf7b8d
3708c1623d645b74a93a8fec74bd59fcb56f349f
cd7eab5b0dcdf3903e5c0a4f25c504a64367b7f73129e0ffabeab9622a5ec258

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/slider1.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:48 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 20:06:52 GMT
etag: "05c80285c-0;;;"
accept-ranges: bytes
content-length: 325384
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/fonts/original_Quicksand-Regular.woff

69.175.102.130

200 OK

53 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/fonts/original_Quicksand-Regular.woff
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Web Open Font Format, TrueType, length 53356, version 3.0\012- data
Size
53 kB (53356 bytes)
Hash
35351db8561a2779041e7308df5ded2e
209932a5aef1520d1e249b41a2c065c3e4b5e387
56ce75475c88ce0dad4d52edc8e2dea31ff134a2632ba69deef8508319c9067d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/fonts/original_Quicksand-Regular.woff HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/wp-content/themes/ticket-guatemala/style.css?v=800
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: font/woff
last-modified: Wed, 20 Feb 2019 18:16:13 GMT
etag: "05c6d996d-0;;;"
accept-ranges: bytes
content-length: 53356
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

www.googletagmanager.com/gtag/js?id=G-R7FC3EL2MJ&l=dataLayer&cx=c

142.250.74.168

200 OK

80 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-R7FC3EL2MJ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
80 kB (79459 bytes)
Hash
71c5e2d697624155dbed6ed7edb544e2
e5de37f978492993479d87bad97064bd41b18d06
0b3429f19ae06c45f44607757e3f050185dce8d6463a2fa402eae0c4d6827c74

HTTP Headers

GET /gtag/js?id=G-R7FC3EL2MJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 18:07:49 GMT
expires: Fri, 01 Dec 2023 18:07:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790

142.250.74.164

200 OK

892 B

URL GET HTTP/3
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1411)
Size
892 B (892 bytes)
Hash
a48fcf692a2cfd5856225ecc9307be04
8370c24d363beadb79e2317a77985117932860ae
0332d2eb18f726ebf3f2dacedff4ba79841a7fea25dc950844c1ba072095c625

HTTP Headers

GET /maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-wVPxGEvgOL23gMCASS0d-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
pragma: no-cache
vary: Accept-Language, Origin, X-Origin, Referer
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 01 Dec 2023 18:07:49 GMT
server: scaffolding on HTTPServer2
content-length: 892
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ticketguatemala.com/wp-content/uploads/2019/02/nuestros-clientes-1.png?id=119

69.175.102.130

200 OK

448 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/02/nuestros-clientes-1.png?id=119
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 1461 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size
448 kB (448454 bytes)
Hash
65e37c345ba1965e7dfc2124054c183d
891267f0be170be10d068143018d0bfa42c1d6cb
bee9e8b08ff7bc6d09da6691c8d4389d027cc6536de8694077462b284f35fa0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/02/nuestros-clientes-1.png?id=119 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:49 GMT
content-type: image/png
last-modified: Thu, 21 Feb 2019 20:14:42 GMT
etag: "05c6f06b2-0;;;"
accept-ranges: bytes
content-length: 448454
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-json/contact-form-7/v1/contact-forms/138/feedback/schema

69.175.102.130

200 OK

240 B

URL GET HTTP/3
ticketguatemala.com/wp-json/contact-form-7/v1/contact-forms/138/feedback/schema
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
JSON data\012- , ASCII text, with very long lines (611), with no line terminators
Size
240 B (240 bytes)
Hash
249fa3d29727fd3bf272471abad69fb0
455477cc15bf02bd301c76482a94dd799b1efd1a
42c7ad2236007476c8e3d0852c7b2a66f44419bc07801c123d5b3b8f148edea4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-json/contact-form-7/v1/contact-forms/138/feedback/schema HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketguatemala.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-powered-by: PHP/7.4.33
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://ticketguatemala.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding
content-length: 240
content-encoding: br
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.131

200 OK

191 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ticketguatemala.com
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:52:16 GMT
expires: Fri, 29 Nov 2024 01:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 144933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

142.250.74.131

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticketguatemala.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:51:07 GMT
expires: Thu, 28 Nov 2024 21:51:07 GMT
cache-control: public, max-age=31536000
age: 159402
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

142.250.74.131

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28064, version 1.0\012- data
Size
28 kB (28064 bytes)
Hash
314d6364bbee6681d0b2364ee3555e2e
c5aab803abe36bf664d7b7e2a3731cd849337006
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

HTTP Headers

GET /s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticketguatemala.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:50:15 GMT
expires: Thu, 28 Nov 2024 21:50:15 GMT
cache-control: public, max-age=31536000
age: 159454
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

142.250.74.131

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28064, version 1.0\012- data
Size
28 kB (28064 bytes)
Hash
314d6364bbee6681d0b2364ee3555e2e
c5aab803abe36bf664d7b7e2a3731cd849337006
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

HTTP Headers

GET /s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticketguatemala.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:50:15 GMT
expires: Thu, 28 Nov 2024 21:50:15 GMT
cache-control: public, max-age=31536000
age: 159454
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

142.250.74.42

200 OK

63 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2491)
Size
63 kB (63042 bytes)
Hash
0cc976f1c5345348065b0734661a5b19
1212a54039500f629d8c419f27447b2e76c23e45
69fe4deb7c7ad3e4e7add24ab8ecb60452f59768de6a85711f7671fe67338fb4

HTTP Headers

GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 01 Dec 2023 18:07:49 GMT
server: scaffolding on HTTPServer2
content-length: 63042
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ajax-loader.gif

69.175.102.130

200 OK

4.2 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ajax-loader.gif
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ajax-loader.gif HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/slick.min.css?ver=3.16.16
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:49 GMT
content-type: image/gif
last-modified: Mon, 28 Aug 2017 10:36:16 GMT
etag: "059a3f220-0;;;"
accept-ranges: bytes
content-length: 4178
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/uploads/2019/03/slider5.png

69.175.102.130

200 OK

304 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/03/slider5.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 1462 x 750, 8-bit colormap, non-interlaced\012- data
Size
304 kB (304185 bytes)
Hash
82cc9ec3977b19b78e22c890be4f4c39
3057ea77d33267ccce2ab4f4f390f8b539ac4a66
9d7afef74be90c83348af593d5dd0728f4c5fbfdb166563d353f1bb63f2ad14a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/slider5.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:49 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 21:59:16 GMT
etag: "05c8042b4-0;;;"
accept-ranges: bytes
content-length: 304185
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/css/fonts/ult-silk.woff

69.175.102.130

200 OK

2.5 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/css/fonts/ult-silk.woff
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Web Open Font Format, CFF, length 2504, version 1.0\012- data
Size
2.5 kB (2504 bytes)
Hash
520b95f60ddfa6a5ab689c1e2a8c476b
82eae4339865914297c9e5d5174906350f31ee9b
8641a749b56f41be6413bb213410f8e3d3f5056211cfe3e3c8c294a3dbbfddce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/Ultimate_VC_Addons/assets/css/fonts/ult-silk.woff HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/wp-content/plugins/Ultimate_VC_Addons/assets/css/icons.css?ver=3.16.16
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: font/woff
last-modified: Mon, 28 Aug 2017 10:36:16 GMT
etag: "059a3f220-0;;;"
accept-ranges: bytes
content-length: 2504
date: Fri, 01 Dec 2023 18:07:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.42

200 OK

23 B

URL GET HTTP/3
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 01 Dec 2023 18:07:50 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js

142.250.74.163

200 OK

61 kB

URL GET HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (3230)
Size
61 kB (60995 bytes)
Hash
0f250ad3a2691ddbd832b75bca4a44be
23e54c1b4cb0c03b4f17d1f56ea74ae74925d60e
40c4591ccf3a569b4db8a939842cefcff28dd8b74d2a1fab68591d7e0c7bbc7e

HTTP Headers

GET /maps-api-v3/embed/js/55/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 60995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:20 GMT
expires: Thu, 28 Nov 2024 21:34:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:39 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.5

69.175.102.130

200 OK

14 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.5
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (55747), with CRLF, CR line terminators
Size
14 kB (13836 bytes)
Hash
eb5e186ce29288630ce0716e1036aa93
ff37a6dc29a6c1c74ec67ca0f55fe327d26da278
6b19dbd4a8065d203fbc8f1c6f83bfcfcf181a2e43aeda2599eb70b3d0e050a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.5 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:50 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13836
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.5

69.175.102.130

200 OK

6.7 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.5
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (29149), with CRLF, CR line terminators
Size
6.7 kB (6657 bytes)
Hash
64bd86b1ce810d65855c3a109560fd7c
515936eb400c632fc49d975d00c88b9a7b57ae22
de34850653caab875f9e46ee46c3ba707fb6839665d315ea1a90455383d93360

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.5 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:50 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6657
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.5

69.175.102.130

200 OK

6.7 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.5
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (25862), with CRLF, CR line terminators
Size
6.7 kB (6683 bytes)
Hash
1882b2cf47d04905889dbdb7903ed023
eda2c886e64854263f9072dd07c35a9516c82fe9
d3dfa5802adf9630b7c4bd2f637628f436cffb56eca632b12f7811caa0f8cc76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.5 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:50 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6683
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.5

69.175.102.130

200 OK

2.4 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.5
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
ASCII text, with very long lines (8049), with CRLF, CR line terminators
Size
2.4 kB (2404 bytes)
Hash
daa7bcc60dc33841f42b33d1202de9c4
3de6b1b36be9fe36b791ace097e33eab4f621cea
a9cfafd7adf794d8c289fc1c84a37edcc93850ca7eea80ed283e4ac8d8ead4b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.5 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:50 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2404
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/favicon/favicon-16x16.png

69.175.102.130

200 OK

1.4 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/favicon/favicon-16x16.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1398 bytes)
Hash
74fe61acd368d9576f0ea69db31e51ab
9a6142a0af11daf8b393fbb1eeddbc41c15b88e1
bb2b1fab1dd7ae3ecbe83ef0d4a1ce2ab813f648d0f79aec786533f5939196a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/favicon/favicon-16x16.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:50 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 18:31:13 GMT
etag: "05c8011f1-0;;;"
accept-ranges: bytes
content-length: 1398
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/wp-content/themes/ticket-guatemala/favicon/android-icon-192x192.png

69.175.102.130

200 OK

13 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/themes/ticket-guatemala/favicon/android-icon-192x192.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13054 bytes)
Hash
38d74031884d30824da31f6411e1fe39
5563eae9ea94643c60ac4faf87f440d26a06ada6
5c4a70fbd52dc958b7061cec684c26675e6540b05c8ec2786c9f29bf435c187e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ticket-guatemala/favicon/android-icon-192x192.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:50 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2019 18:31:09 GMT
etag: "05c8011ed-0;;;"
accept-ranges: bytes
content-length: 13054
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.131

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Dec 2023 07:57:18 GMT
expires: Sat, 30 Nov 2024 07:57:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 36632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/common.js

142.250.74.42

200 OK

57 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/common.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (5883)
Size
57 kB (57129 bytes)
Hash
9b44e2e564f70b079e48e73680228d50
21cbe8228939cccbe04d618cc62592abe8168292
862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7

HTTP Headers

GET /maps-api-v3/api/js/55/3/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:16 GMT
expires: Thu, 28 Nov 2024 21:34:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/log.js

142.250.74.42

200 OK

12 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/log.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2232)
Size
12 kB (11729 bytes)
Hash
cb2b042885604611e30ae0ec6140c9ce
51928801e4bf03ee47fc9a7bbe6f8cd29580291b
2909c7558041cdd5fec60833c2f3b147eb3928785fbe6e9b88400b6c68771620

HTTP Headers

GET /maps-api-v3/api/js/55/3/log.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 11729
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:00 GMT
expires: Thu, 28 Nov 2024 21:36:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/util.js

142.250.74.42

200 OK

55 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/util.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (562)
Size
55 kB (55134 bytes)
Hash
90e04afddd95ef43014450cadb771307
84382d86cb0b94bebef21276b757402c80a49950
416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615

HTTP Headers

GET /maps-api-v3/api/js/55/3/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 55134
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:16 GMT
expires: Thu, 28 Nov 2024 21:34:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js

142.250.74.42

200 OK

1.2 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1470)
Size
1.2 kB (1216 bytes)
Hash
8a50e9517370067b769dfec46e31ae66
55d249979875100ad3d8bbb6b7b0f7b02d280346
0e8c45740f76c7936f760b7ac176a2517c8b6d176231f3d541d67321f9eeea45

HTTP Headers

GET /maps-api-v3/api/js/55/3/search_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:16 GMT
expires: Thu, 28 Nov 2024 21:34:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/map.js

142.250.74.42

200 OK

24 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/map.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2376)
Size
24 kB (23678 bytes)
Hash
243bb45c4744cbda04a2be95db1b16dd
883795e8de2b2c4ee9dabc3193e4a20639306843
8e89cf5feaf942492d02ab197eab24ecae57af44afa54c5a19f32b80e2395740

HTTP Headers

GET /maps-api-v3/api/js/55/3/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 23678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:16 GMT
expires: Thu, 28 Nov 2024 21:34:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js

142.250.74.42

200 OK

8.9 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2559)
Size
8.9 kB (8880 bytes)
Hash
a2d42fe1c670e5f02d792bf944e1908f
bf8ddc906459b74128d3484bd64f47eb96b8932e
4b4ccaf9230460e41b89e77a295c73c250a869c7765a509588b013f4feeaa5a2

HTTP Headers

GET /maps-api-v3/api/js/55/3/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 8880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:16 GMT
expires: Thu, 28 Nov 2024 21:34:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js

142.250.74.42

200 OK

1.3 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1152)
Size
1.3 kB (1278 bytes)
Hash
59f3386eebf333dba7982e068e01b797
1f2099e6adddee067e3f2349f27b059d5dd38537
57b27ca34a0a4f104113f302a891f3b0c37fd849b34512e9e52e0084d0523516

HTTP Headers

GET /maps-api-v3/api/js/55/3/overlay.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:16 GMT
expires: Thu, 28 Nov 2024 21:34:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 160414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.131

200 OK

191 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:52:16 GMT
expires: Fri, 29 Nov 2024 01:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 144934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 18:39:39 GMT
expires: Thu, 28 Nov 2024 18:39:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 170891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:42:20 GMT
expires: Tue, 26 Nov 2024 23:42:20 GMT
cache-control: public, max-age=31536000
age: 325530
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ticketguatemala.com/wp-content/uploads/2019/02/fondo-evento.png

69.175.102.130

200 OK

1.9 MB

URL GET HTTP/3
ticketguatemala.com/wp-content/uploads/2019/02/fondo-evento.png
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
PNG image data, 1460 x 1198, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 MB (1912088 bytes)
Hash
426d1d4c66eae81275eec328118f032e
984f7d464a0615b2131baeda84da4af02a9db43c
6b56afc0d310af8bc41dbcf63ebc88499e0e782ca9974949d553ba96663d5719

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/02/fondo-evento.png HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=1333600, public
expires: Fri, 08 Dec 2023 18:07:50 GMT
content-type: image/png
last-modified: Thu, 21 Feb 2019 19:34:46 GMT
etag: "05c6efd56-0;;;"
accept-ranges: bytes
content-length: 1912088
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

142.250.74.164

200 OK

2.3 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
gzip compressed data\012- data
Size
2.3 kB (2340 bytes)
Hash
72b781c4075af8d5946ee8bae59ce7f8
2b244a1bb68638a6e1106a75813411552dc11584
17818eb1cfa97fb8337fc7b92a24bdb25a926cbd6d96dbea2de9058540d61200

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 01 Dec 2023 18:07:50 GMT
date: Fri, 01 Dec 2023 18:07:50 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.131

200 OK

191 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:52:16 GMT
expires: Fri, 29 Nov 2024 01:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 144934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i1041818&2i1924248&2e1&3u14&4m2&1u540&2u465&5m5&1e0&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=66668

142.250.74.42

200 OK

82 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i1041818&2i1924248&2e1&3u14&4m2&1u540&2u465&5m5&1e0&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=66668
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 540 x 465, 8-bit colormap, non-interlaced\012- data
Size
82 kB (81774 bytes)
Hash
db3ffeee3a8f28c5555ce1ae456777c6
e137162b79900ae82fd86776a0200026c1ddf5f9
775b475bf4a2a52bc399ce62b8eee9d2e7b525d7b9c73a749ec4289ac8da5543

HTTP Headers

GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i1041818&2i1924248&2e1&3u14&4m2&1u540&2u465&5m5&1e0&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=66668 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
date: Fri, 01 Dec 2023 18:07:50 GMT
expires: Sat, 02 Dec 2023 18:07:50 GMT
cache-control: public, max-age=86400
server: scaffolding on HTTPServer2
content-length: 81774
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ticketguatemala.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888

69.175.102.130

200 OK

7.5 kB

URL GET HTTP/3
ticketguatemala.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type
Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Size
7.5 kB (7536 bytes)
Hash
04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
Cookie: _ga_R7FC3EL2MJ=GS1.1.1701454074.1.0.1701454074.0.0.0; _ga=GA1.1.135706003.1701454075
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: font/woff
last-modified: Thu, 19 Oct 2017 23:18:18 GMT
etag: "059e932ba-0;;;"
accept-ranges: bytes
content-length: 7536
date: Fri, 01 Dec 2023 18:07:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

maps.googleapis.com/maps_api_js_slo/log?hasfast=true

142.250.74.42

200 OK

112 B

URL POST HTTP/3
maps.googleapis.com/maps_api_js_slo/log?hasfast=true
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d15439.856761995972!2d-90.56565376371276!3d14.657973695636485!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8589a1d7b63c9157%3A0xe0639e408f79cffb!2sZona+4+de+Mixco%2C+Guatemala!5e0!3m2!1ses!2sgt!4v1551282766790
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
data
Size
112 B (112 bytes)
Hash
40f93f8e6262377e13ee6a5334635553
8aaa172e1934e1ef4d4cacbf62a855c676f61670
4bd369c61fb00adf8dd91b7ea4bfdcddad3d7c40c2e5c325e2a96c57bdc911c7

HTTP Headers

POST /maps_api_js_slo/log?hasfast=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1712
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 01 Dec 2023 18:08:00 GMT
server: Playlog
cache-control: private
content-length: 112
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+746; expires=Sun, 30-Nov-2025 18:08:00 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 18:08:00 GMT

www.google.com/recaptcha/api.js?render=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&ver=3.0

142.250.74.164

200 OK

884 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&ver=3.0
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
ASCII text, with very long lines (884), with no line terminators
Size
884 B (884 bytes)
Hash
a194131ce4afad73fe0478d01604ad89
7c0077e73bbc4d6ff45d4b9a1f02f6c1bd341390
247ad406f7835e0362116a81be21424684af976a3d2adcd9501d45b349c45286

HTTP Headers

GET /recaptcha/api.js?render=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 01 Dec 2023 18:07:48 GMT
date: Fri, 01 Dec 2023 18:07:48 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po

142.250.74.164

200 OK

61 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52117)
Size
61 kB (60663 bytes)
Hash
a23155cc599277ac52601d92fb04f1d8
acc36a9b1e45033aaae3aa19280580b497adc7e2
53407c657526790dce2bc94b74f5258de07e7beedb588f52ad4e93c896cb5f55

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 01 Dec 2023 18:07:50 GMT
content-security-policy: script-src 'nonce-WY3DbKQ_6YkXHR965l6rGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ticketguatemala.com/

69.175.102.130

200 OK

0 B

URL GET HTTP/3
ticketguatemala.com/
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketguatemala.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://ticketguatemala.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ticketguatemala.com/

69.175.102.130

200 OK

112 kB

URL User Request GET HTTP/2
ticketguatemala.com/
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
112 kB (111733 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://ticketguatemala.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 18:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.131

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:42:11 GMT
expires: Mon, 04 Dec 2023 23:42:11 GMT
cache-control: public, max-age=604800
age: 325539
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.bpo361.com/wp-content/themes/handcrafted-wp-theme-master/images/logoApkana.svg

185.151.30.195

200 OK

262 kB

URL GET HTTP/2
www.bpo361.com/wp-content/themes/handcrafted-wp-theme-master/images/logoApkana.svg
IP
185.151.30.195:443
ASN
#48254 20i Limited

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subject*.bpo361.com
FingerprintFD:12:27:57:43:38:6F:34:B0:B5:CD:11:D7:30:86:AB:34:01:7B:46
ValidityMon, 23 Oct 2023 03:41:54 GMT - Sun, 21 Jan 2024 03:41:53 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
262 kB (262331 bytes)
Hash
b3c73f4d9434fd6ea029b4bc652c5a84
61b1ce3d90d9487b7ca1700642a0cc031936d7eb
55964bad835d2c27a9393db0db159439893c2375a5c07d13c0ec3baa076f08d4

HTTP Headers

GET /wp-content/themes/handcrafted-wp-theme-master/images/logoApkana.svg HTTP/1.1
Host: www.bpo361.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:07:49 GMT
content-type: image/svg+xml
server: Apache
x-provided-by: StackCDN
last-modified: Fri, 10 Jun 2022 02:58:02 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: HIT
content-encoding: gzip
x-cdn-cache-status: HIT
x-via: FRA1
X-Firefox-Spdy: h2

ticketguatemala.com/

69.175.102.130

200 OK

0 B

URL GET HTTP/3
ticketguatemala.com/
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketguatemala.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://ticketguatemala.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

fonts.googleapis.com/css?family=Ubuntu:700%7CQuicksand:400%2C500%7CRoboto:500

142.250.74.106

200 OK

6.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Ubuntu:700%7CQuicksand:400%2C500%7CRoboto:500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://ticketguatemala.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (6296), with no line terminators
Size
6.1 kB (6144 bytes)
Hash
c586a809f61f39a620fab5f7a7a9bdab
602f1e291081294362d7fb3b5ec1294c1fc58430
570755ae1c6506e4a0c744255c9cf54579501adcb6d9de72b4c02d8ac29dc765

HTTP Headers

GET /css?family=Ubuntu:700%7CQuicksand:400%2C500%7CRoboto:500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticketguatemala.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 18:07:48 GMT
date: Fri, 01 Dec 2023 18:07:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ticketguatemala.com/

69.175.102.130

200 OK

0 B

URL GET HTTP/3
ticketguatemala.com/
IP
69.175.102.130:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://ticketguatemala.com/
Certificate
IssuerLet's Encrypt
Subjectticketguatemala.com
FingerprintA2:69:02:8C:AD:D8:31:67:27:26:EF:8F:BD:94:E1:7C:69:DC:CC:EF
ValidityMon, 27 Nov 2023 19:11:45 GMT - Sun, 25 Feb 2024 19:11:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ticketguatemala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ticketguatemala.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://ticketguatemala.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 18:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

www.google.com/recaptcha/api2/reload?k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8

142.250.74.164

200 OK

36 kB

URL POST HTTP/3
www.google.com/recaptcha/api2/reload?k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with very long lines (35886)
Size
36 kB (35891 bytes)
Hash
577a615e324ba40bc42c3782ab5d6e7b
4c79b739f0281a5871c142f03c0fdd0370061cff
39367a8714073d0ec45cc9e720fcc2b852177d9ae23bfc824d1c7e91d41e438e

HTTP Headers

POST /recaptcha/api2/reload?k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 8361
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9vuYgAAAAADK-TRm3lkLRHvE9Cly_ywYIFlA8&co=aHR0cHM6Ly90aWNrZXRndWF0ZW1hbGEuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=6n729f8l13po
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Fri, 01 Dec 2023 18:07:51 GMT
expires: Fri, 01 Dec 2023 18:07:51 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09ALb3HLcb9D9yA_bTZzWQj-EpHscyE52S0IVDmvwVtD-7-NvTy1h4LlTJrHTmGG064HRsxiWGdxD8exKaqBuMoK0;Path=/recaptcha;Expires=Wed, 29-May-2024 18:07:51 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (64)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash