URL: http://carnaval.jmsmusic.co/enrollment-letter/
Submission: On September 18 via manual from US

Summary

This website contacted 36 IPs in 6 countries across 35 domains to perform 55 HTTP transactions. The main IP is 89.163.146.143, located in Hattersheim, Germany and belongs to MYLOC-AS, DE. The main domain is carnaval.jmsmusic.co.
This is the only time carnaval.jmsmusic.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 89.163.146.143 24961 (MYLOC-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.134.56 54113 (FASTLY)
3 2.18.232.80 16625 (AKAMAI-AS)
1 50.62.242.1 26496 (AS-26496-...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 45.77.110.16 20473 (AS-CHOOPA)
1 137.99.25.182 13796 (UCONN-ARIN)
1 23.96.80.131 8075 (MICROSOFT...)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
3 142.58.102.68 11105 (SFU-AS)
1 216.70.115.38 31815 (MEDIATEMPLE)
1 35.203.142.153 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 151.101.134.110 54113 (FASTLY)
1 216.243.141.106 7753 (GREENCLOUD)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 192.185.67.238 20013 (CYRUSONE)
1 132.148.50.109 26496 (AS-26496-...)
1 66.147.244.120 46606 (UNIFIEDLA...)
1 2 129.170.204.87 10755 (DARTMOUTH-AS)
1 4 136.159.96.125 33091 (U-CALGARY)
1 67.222.22.151 63410 (PRIVATESY...)
1 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 2.19.33.94 20940 (AKAMAI-ASN1)
1 209.129.30.14 2152 (CSUNET-NW)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 183.111.182.213 4766 (KIXS-AS-K...)
1 66.147.244.163 46606 (UNIFIEDLA...)
1 199.87.225.248 22487 (VALENCIA)
2 3 52.205.108.105 14618 (AMAZON-AES)
1 104.20.3.47 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.20.2.47 13335 (CLOUDFLAR...)
55 36
Apex Domain
Subdomains
Transfer
6 googlesyndication.com
pagead2.googlesyndication.com
128 KB
4 doubleclick.net
googleads.g.doubleclick.net
4 ucalgary.ca
www.ucalgary.ca
grad.ucalgary.ca
170 KB
4 pdffiller.com
www.pdffiller.com
177 KB
3 fsu.edu
sc.my.fsu.edu
31 KB
3 sfu.ca
www.sfu.ca
91 KB
3 slidesharecdn.com
image.slidesharecdn.com
271 KB
3 google.com
developers.google.com
adservice.google.com
436 KB
2 statcounter.com
www.statcounter.com
c.statcounter.com
11 KB
2 studylib.net
s2.studylib.net
10 KB
2 dartmouth.edu
www.dartmouth.edu
529 KB
1 google.de
adservice.google.de
171 B
1 valenciacollege.edu
international.valenciacollege.edu
31 KB
1 daviswilliamsfamilytree.com
www.daviswilliamsfamilytree.com
1 MB
1 handskorea.com
www.handskorea.com
81 KB
1 miracosta.edu
www.miracosta.edu
115 KB
1 wahbexchange.org
www.wahbexchange.org
30 KB
1 irs.gov
www.irs.gov
72 KB
1 iwsp5.org
iwsp5.org
64 KB
1 eyeonyavapaicollege.com
www.eyeonyavapaicollege.com
74 KB
1 dcsafe.org
dcsafe.org
85 KB
1 writeletter2.com
writeletter2.com
16 KB
1 jeffbuckley.info
jeffbuckley.info
111 KB
1 khi.org
media.khi.org
2 MB
1 isu.pub
image.isu.pub
21 KB
1 edl.io
1.cdn.edl.io
140 KB
1 korvia.com
www.korvia.com
1 MB
1 studentclearinghouse.info
studentclearinghouse.info
28 KB
1 granitestateartsmarket.com
granitestateartsmarket.com
112 KB
1 schoolleader.com
www.schoolleader.com
5 KB
1 uconn.edu
web2.uconn.edu
25 KB
1 stimulprofit.com
stimulprofit.com
374 KB
1 hcsablog.com
hcsablog.com
133 KB
1 rocketlawyer.net
www.rocketlawyer.net
7 KB
1 jmsmusic.co
carnaval.jmsmusic.co
9 KB
55 35
Domain Requested by
6 pagead2.googlesyndication.com carnaval.jmsmusic.co
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 www.pdffiller.com carnaval.jmsmusic.co
3 sc.my.fsu.edu 2 redirects carnaval.jmsmusic.co
3 www.sfu.ca carnaval.jmsmusic.co
3 image.slidesharecdn.com carnaval.jmsmusic.co
2 s2.studylib.net 1 redirects carnaval.jmsmusic.co
2 grad.ucalgary.ca 1 redirects carnaval.jmsmusic.co
2 www.ucalgary.ca carnaval.jmsmusic.co
2 www.dartmouth.edu 1 redirects carnaval.jmsmusic.co
2 developers.google.com carnaval.jmsmusic.co
1 c.statcounter.com carnaval.jmsmusic.co
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.statcounter.com carnaval.jmsmusic.co
1 international.valenciacollege.edu carnaval.jmsmusic.co
1 www.daviswilliamsfamilytree.com carnaval.jmsmusic.co
1 www.handskorea.com carnaval.jmsmusic.co
1 www.miracosta.edu carnaval.jmsmusic.co
1 www.wahbexchange.org carnaval.jmsmusic.co
1 www.irs.gov carnaval.jmsmusic.co
1 iwsp5.org carnaval.jmsmusic.co
1 www.eyeonyavapaicollege.com carnaval.jmsmusic.co
1 dcsafe.org carnaval.jmsmusic.co
1 writeletter2.com carnaval.jmsmusic.co
1 jeffbuckley.info carnaval.jmsmusic.co
1 media.khi.org carnaval.jmsmusic.co
1 image.isu.pub carnaval.jmsmusic.co
1 1.cdn.edl.io carnaval.jmsmusic.co
1 www.korvia.com carnaval.jmsmusic.co
1 studentclearinghouse.info carnaval.jmsmusic.co
1 granitestateartsmarket.com carnaval.jmsmusic.co
1 www.schoolleader.com carnaval.jmsmusic.co
1 web2.uconn.edu carnaval.jmsmusic.co
1 stimulprofit.com carnaval.jmsmusic.co
1 hcsablog.com carnaval.jmsmusic.co
1 www.rocketlawyer.net carnaval.jmsmusic.co
1 carnaval.jmsmusic.co
55 38
Subject Issuer Validity Valid
*.google.com
Google Internet Authority G3
2018-08-28 -
2018-11-20
3 months crt.sh
api.rocketlawyer.com
GlobalSign CloudSSL CA - SHA256 - G3
2018-09-14 -
2019-01-31
5 months crt.sh
*.slidesharecdn.com
DigiCert SHA2 Secure Server CA
2017-07-18 -
2019-08-20
2 years crt.sh
*.pdffiller.com
DigiCert ECC Secure Server CA
2018-06-19 -
2019-09-18
a year crt.sh
web2.uconn.edu
InCommon RSA Server CA
2018-05-02 -
2020-05-01
2 years crt.sh
sni218503.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-08-18 -
2019-02-24
6 months crt.sh
*.sfu.ca
DigiCert SHA2 High Assurance Server CA
2018-08-12 -
2020-10-14
2 years crt.sh
studentclearinghouse.info
Let's Encrypt Authority X3
2018-08-24 -
2018-11-22
3 months crt.sh
www.korvia.com
Let's Encrypt Authority X3
2018-08-11 -
2018-11-09
3 months crt.sh
*.cdn.edl.io
Amazon
2018-01-29 -
2019-02-28
a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2018-09-04 -
2019-04-14
7 months crt.sh
*.dartmouth.edu
DigiCert SHA2 High Assurance Server CA
2018-05-30 -
2020-06-03
2 years crt.sh
ucalgary.ca
Entrust Certification Authority - L1M
2018-08-09 -
2019-04-03
8 months crt.sh
www.irs.gov
Entrust Certification Authority - L1K
2018-06-22 -
2020-09-21
2 years crt.sh
www.wahealthplanfinder.org
GeoTrust RSA CA 2018
2018-05-02 -
2019-08-01
a year crt.sh
sni139399.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-08-16 -
2019-02-22
6 months crt.sh
www.fsu.edu
COMODO RSA Organization Validation Secure Server CA
2018-06-13 -
2020-06-12
2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2018-08-28 -
2018-11-20
3 months crt.sh

This page contains 8 frames:

Primary Page: http://carnaval.jmsmusic.co/enrollment-letter/
Frame ID: 601B247E67329B7D168A85EF1FCE1381
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180912/r20180604/zrt_lookup.html
Frame ID: A319F5A9CE2F5F3A1450DCFC1C5F1E76
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Frame ID: 72E5B3CE2F6E9C63A604CF83D31AFC5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=2334071881&adf=4269902810&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189410&bpp=19&bdt=61&fdt=24&idt=133&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&correlator=6839365392937&frm=20&pv=2&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=10920&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=179&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=tFByGWKsPv&p=http%3A//carnaval.jmsmusic.co&dtd=172
Frame ID: D50DB6AC61C019B8C130D1C24DAA24FE
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Frame ID: 6DFECB2BB26461686DAB2E4D240EBAFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=2334071881&adf=1874828634&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189434&bpp=12&bdt=86&fdt=175&idt=177&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6839365392937&frm=20&pv=1&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=43688&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=2674&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=VJKNlzn54T&p=http%3A//carnaval.jmsmusic.co&dtd=186
Frame ID: 6E8D141E109554DECCFBCC26AEAAA1F4
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Frame ID: B36C7024026AD453063BFBD5BD6FD9A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=3767829518&adf=2153072432&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189446&bpp=10&bdt=97&fdt=191&idt=193&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6839365392937&frm=20&pv=1&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=43688&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1019&ady=162&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&fsb=1&xpc=nPXeo7mu5u&p=http%3A//carnaval.jmsmusic.co&dtd=210
Frame ID: 8456196B615FA0A439BB70D389058EE5
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 50%
Detected patterns
  • env /^head$/i

Page Statistics

55
Requests

64 %
HTTPS

30 %
IPv6

35
Domains

38
Subdomains

36
IPs

6
Countries

7840 kB
Transfer

8494 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • http://www.dartmouth.edu/~reg/images/dart_cert_sample.png HTTP 301
  • https://www.dartmouth.edu/~reg/images/dart_cert_sample.png
Request Chain 34
  • https://grad.ucalgary.ca/grad/files/grad/styles/panopoly_image_full/public/step1.png HTTP 302
  • https://grad.ucalgary.ca/files/grad/styles/panopoly_image_full/public/step1.png
Request Chain 35
  • http://s2.studylib.net/store/data/011984315_1-1523c95b01eb3760f433ab1e088888bb-260x520.png HTTP 301
  • https://s2.studylib.net/store/data/011984315_1-1523c95b01eb3760f433ab1e088888bb-260x520.png
Request Chain 40
  • https://sc.my.fsu.edu/var/ezwebin_site/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png HTTP 301
  • http://sc.my.fsu.edu/sites/g/files/imported/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png HTTP 301
  • https://sc.my.fsu.edu/sites/g/files/imported/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
carnaval.jmsmusic.co/enrollment-letter/
39 KB
9 KB
Document
General
Full URL
http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
89.163.146.143 Hattersheim, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
sa143.saturn.dedi.server-hosting.expert
Software
Apache /
Resource Hash
e4321f8c4a4a0c46ce234e29c0924dd18842a07d085243c9b90b5393bc62df07

Request headers

Host
carnaval.jmsmusic.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
601B247E67329B7D168A85EF1FCE1381

Response headers

Date
Tue, 18 Sep 2018 14:33:07 GMT
Server
Apache
Content-Encoding
gzip
Vary
Accept-Encoding
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
74 KB
27 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3508f12bf4034fcd6bd9831b0f6e410f75e167a7a21230cd24a9d98ef71cc3df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 18 Sep 2018 14:33:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
18048134910285286216
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27517
X-XSS-Protection
1; mode=block
Expires
Tue, 18 Sep 2018 14:33:09 GMT
acceptance-letter.png
developers.google.com/open-source/gsoc/help/images/proof-of-enrollment/
335 KB
336 KB
Image
General
Full URL
https://developers.google.com/open-source/gsoc/help/images/proof-of-enrollment/acceptance-letter.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ad98da1a36152a41bbaa821f5f53616d15a82b0ee83c76d4a133aa57137bdc56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
last-modified
Sun, 19 Mar 2017 17:20:06 GMT
server
Google Frontend
date
Tue, 18 Sep 2018 14:33:09 GMT
x-frame-options
SAMEORIGIN
content-language
en
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-cloud-trace-context
ba64237c811c87aab1835f97bead1a38
cache-control
must_revalidate, public, max-age=3600
content-type
image/png
vary
Accept-Language
x-xss-protection
1; mode=block
expires
Tue, 18 Sep 2018 15:33:09 GMT
Confirmation-of-Enrollment-Thumbnail.png
www.rocketlawyer.net/static_files/img/document_previews/
7 KB
7 KB
Image
General
Full URL
https://www.rocketlawyer.net/static_files/img/document_previews/Confirmation-of-Enrollment-Thumbnail.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.134.56 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
rl /
Resource Hash
6fc30373e5daebe45e5448d90385c64c51440ca01c985d3279db56ceff6b6b91
Security Headers
Name Value
Strict-Transport-Security max-age=32768000

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=32768000
via
1.1 varnish, 1.1 varnish
etag
"4976c0256aa5352ff08452d3b012df27"
age
51854
x-amz-meta-goog-reserved-file-mtime
1501197933
x-guploader-uploadid
AEnB2UosUkSUDjXxvWo2ExEUwxskauIwcQcjlgVCdIUdLMs5euHSoOkmA0MlAQ-EsX2n-DJGTqaEraY6Q_dt8ni2MUWI_yM4Fw
x-cache
HIT, MISS
x-goog-storage-class
REGIONAL
status
200
content-length
6964
x-served-by
cache-sjc3150-SJC, cache-mad9423-MAD
last-modified
Thu, 27 Jul 2017 23:30:28 GMT
server
rl
x-timer
S1537281190.581183,VS0,VE180
date
Tue, 18 Sep 2018 14:33:09 GMT
x-goog-hash
crc32c=QiC41g==, md5=SXbAJWqlNS/whFLTsBLfJw==
content-language
en
access-control-allow-origin
https://www.rocketlawyer.com
cache-control
public, max-age=7776000, s-maxage=7776000
accept-ranges
bytes
content-type
image/png
x-cache-hits
1, 0
proof-of-enrollment-letter-1-638.jpg
image.slidesharecdn.com/f8ed526b-a726-472d-b5d5-e7e47052e180-160404172755/95/
69 KB
69 KB
Image
General
Full URL
https://image.slidesharecdn.com/f8ed526b-a726-472d-b5d5-e7e47052e180-160404172755/95/proof-of-enrollment-letter-1-638.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.80 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2a8e20c580b541e6edd357991e5901a33f937cf7b235cf22aaf9189b8f1fd3a4

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
pF5V8ziZe2DlabMhkZpgfRv5wLi4mkWp
Last-Modified
Mon, 04 Apr 2016 17:27:57 GMT
Server
AmazonS3
x-amz-request-id
E06954B20D574F0F
ETag
"2d97adbe327bfead088720cb0b4c21f5"
x-amz-id-2
SD9GAJYpdwFUM6h8XL1U1dWmUJXwWOJIK/RApodzLXScbm22Cc4hHBLkuHG4xqQOm6pqC4iiwPs=
Content-Type
image/jpeg
Cache-Control
max-age=604800
Date
Tue, 18 Sep 2018 14:33:09 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70150
X-CDN
AKAM
current-student-letter.png
developers.google.com/open-source/gsoc/help/images/proof-of-enrollment/
99 KB
100 KB
Image
General
Full URL
https://developers.google.com/open-source/gsoc/help/images/proof-of-enrollment/current-student-letter.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b63ab4e309f431549f4aca037e667cd0890a5da62b4614d16b2ea99cdc9dc433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
last-modified
Sun, 19 Mar 2017 17:20:05 GMT
server
Google Frontend
date
Tue, 18 Sep 2018 14:33:09 GMT
x-frame-options
SAMEORIGIN
content-language
en
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-cloud-trace-context
e48a754af61cc0c839e51a6e619cf003
cache-control
must_revalidate, public, max-age=3600
content-type
image/png
vary
Accept-Language
x-xss-protection
1; mode=block
expires
Tue, 18 Sep 2018 15:33:09 GMT
FACTS-2.jpg
hcsablog.com/hcblog/files/2016/03/
132 KB
133 KB
Image
General
Full URL
http://hcsablog.com/hcblog/files/2016/03/FACTS-2.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
50.62.242.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
p3nlhg1012c2012.shr.prod.phx3.secureserver.net
Software
Apache /
Resource Hash
74860e6394e32cdb7cbfbcbf06ddbe2be3ffa206b58558e90a2a0a9d15a193ac

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Last-Modified
Thu, 31 Mar 2016 11:46:38 GMT
Server
Apache
ETag
"4464b32ac7148275f064a617cc8a0b39"
Content-Type
image/jpeg
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
135633
Expires
Fri, 19 Nov 2021 00:19:49 GMT
100498860.png
www.pdffiller.com/preview/100/498/
148 KB
149 KB
Image
General
Full URL
https://www.pdffiller.com/preview/100/498/100498860.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19b::3c9a , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
e529f23fddb5ab25f214c37945e933de8c639c44809fc140547160b44c663bc6

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:10 GMT
last-modified
Mon, 05 Sep 2016 21:39:09 GMT
server
nginx
etag
"cd6ace1c9ddd836acd4b4c6a462785c7"
content-type
image/png
status
200
cache-control
public, max-age=86400
content-length
152063
accept-ranges
bytes
x-img-cache
MISS
expires
Wed, 19 Sep 2018 14:33:10 GMT
open-enrollment-letter-to-employees-the-letter-sample-within-open-enrollment-letter-to-employees.png
stimulprofit.com/wp-content/uploads/2017/07/
374 KB
374 KB
Image
General
Full URL
http://stimulprofit.com/wp-content/uploads/2017/07/open-enrollment-letter-to-employees-the-letter-sample-within-open-enrollment-letter-to-employees.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
45.77.110.16 Matawan, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
45.77.110.16.vultr.com
Software
LiteSpeed /
Resource Hash
094ea542bbbada91b44b0d86f11108da6e7d4fca9094a754d814d643d0f2df36

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Last-Modified
Wed, 26 Jul 2017 14:16:56 GMT
Server
LiteSpeed
Etag
"5d701-5978a458-21d2b0"
Content-Type
image/png
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Content-Length
382721
Expires
Tue, 25 Sep 2018 14:33:09 GMT
st11cs90_05.gif
web2.uconn.edu/pshelp/student/images/
25 KB
25 KB
Image
General
Full URL
https://web2.uconn.edu/pshelp/student/images/st11cs90_05.gif
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.99.25.182 Storrs Mansfield, United States, ASN13796 (UCONN-ARIN - University of Connecticut, US),
Reverse DNS
nosbird.org
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
31ccb8b71232a8e9768318e93791c38e48bca8341167a406d1df7d59a052cc63

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Last-Modified
Wed, 06 May 2009 18:44:01 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"12e1958-62d1-46942c766be40"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
25297
rpt_EnrollmentRenewalLetter.gif
www.schoolleader.com/SchoolLeader%20Online%20Guide/
5 KB
5 KB
Image
General
Full URL
http://www.schoolleader.com/SchoolLeader%20Online%20Guide/rpt_EnrollmentRenewalLetter.gif
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
23.96.80.131 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7497060b1e18dd7009d0805ecc88c430cbc7bc378800e64e689b94bca2152c7c

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Last-Modified
Sun, 09 Jan 2000 23:25:39 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"802acad6f85abf1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
5265
collection-of-solutions-8-school-letter-of-intent-templates-%E2%80%93-free-sample-example-format-in-sample-letter-of-intent-for-college-enrollment-of-sample-letter-of-intent-for-college-enrollment.jpg
granitestateartsmarket.com/wp-content/uploads/2018/02/
111 KB
112 KB
Image
General
Full URL
https://granitestateartsmarket.com/wp-content/uploads/2018/02/collection-of-solutions-8-school-letter-of-intent-templates-%E2%80%93-free-sample-example-format-in-sample-letter-of-intent-for-college-enrollment-of-sample-letter-of-intent-for-college-enrollment.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681c:1390 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab97f94053b3db11d06cbfbfbed439f9a263ba2d1d11b9d271bc2f218d6cf28

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:10 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2018 11:53:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
45c486a9ee8897e6-FRA
content-length
114131
expires
Tue, 18 Sep 2018 18:33:10 GMT
1472167492527.png
www.sfu.ca/content/sfu/students/records/confirmation-of-enrollment/jcr:content/main_content/image_0.img.1280.high.png/
47 KB
47 KB
Image
General
Full URL
https://www.sfu.ca/content/sfu/students/records/confirmation-of-enrollment/jcr:content/main_content/image_0.img.1280.high.png/1472167492527.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.58.102.68 Burnaby, Canada, ASN11105 (SFU-AS - Simon Fraser University, CA),
Reverse DNS
buntzenf.sfu.ca
Software
Apache /
Resource Hash
d756f51a6d42e7e23ed0a73414dd4b4a00c0ee67f243b92150e10e7d74b08c91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Aug 2016 23:24:52 GMT
Server
Apache
box
b4 D=159307 t=1537281189916306
Transfer-Encoding
chunked
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=200
SSS-agencyletter-495x400.png
studentclearinghouse.info/onestop/wp-content/uploads/
28 KB
28 KB
Image
General
Full URL
https://studentclearinghouse.info/onestop/wp-content/uploads/SSS-agencyletter-495x400.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.70.115.38 Culver City, United States, ASN31815 (MEDIATEMPLE - Media Temple, Inc., US),
Reverse DNS
nscnews.org
Software
nginx / PleskLin
Resource Hash
22f9b35c57b90a02d6e074a1f0ee96e9f72342af0e2e6c6d2795e1501d86ab9a

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
ETag
"55799030-7019"
Last-Modified
Thu, 11 Jun 2015 13:42:08 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28697
Expires
Thu, 18 Oct 2018 14:33:09 GMT
TEFL%20Enrollment%20proof_Sample.jpg
www.korvia.com/downloads/EPIK/
1 MB
1 MB
Image
General
Full URL
https://www.korvia.com/downloads/EPIK/TEFL%20Enrollment%20proof_Sample.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.203.142.153 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
153.142.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d91b2751b125fe0c18142bdf9b7fc7cc448d4caeca85ad4760140a77e4e34771

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/generic
date
Tue, 18 Sep 2018 14:33:09 GMT
last-modified
Mon, 16 Apr 2018 10:02:23 GMT
server
nginx
status
200
etag
"5ad474af-1014dc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1053916
141878.png
www.pdffiller.com/preview/0/141/
6 KB
7 KB
Image
General
Full URL
https://www.pdffiller.com/preview/0/141/141878.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19b::3c9a , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
42ea4720deba0e5c0f5651914567dc46ca4bd334e88487ae49c45957100b11d9

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:09 GMT
last-modified
Fri, 15 Dec 2017 20:20:53 GMT
server
nginx
etag
"87bacb79feb8470d025e21db159564b0"
content-type
image/png
status
200
cache-control
public, max-age=86400
content-length
6635
accept-ranges
bytes
x-img-cache
MISS
expires
Wed, 19 Sep 2018 14:33:09 GMT
RffzwozdJTJTMt6w0GqTKV3Wj6aXqkj10P7pRoBUYXviFMjU.jpg
1.cdn.edl.io/
140 KB
140 KB
Image
General
Full URL
https://1.cdn.edl.io/RffzwozdJTJTMt6w0GqTKV3Wj6aXqkj10P7pRoBUYXviFMjU.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:dc00:5:bc52:5840:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ee29a553bd36f08a28e4ba511c600390a1b634bccba86cccfa8eed2864d2074

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:10 GMT
via
1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified
Wed, 11 Oct 2017 19:43:57 GMT
server
AmazonS3
etag
"60bb35b676fd2c0212c8e9dd39b32d87"
x-cache
Miss from cloudfront
x-amz-version-id
ukBWrtBfaZHMzo7dPHmG74WSHCBLLsvm
status
200
cache-control
max-age=31536000, public
content-disposition
inline; filename="Reagan%20Enrollment%20Letter-Request-page-001.jpg"; filename*=UTF-8''Reagan%20Enrollment%20Letter-Request-page-001.jpg
accept-ranges
bytes
content-type
image/jpeg
content-length
143077
x-amz-cf-id
lgEeD_j_VDs5Iep22S8nYVnaw9LFEpotW5xKJNp73gwxogBrDkUsIw==
page_1_thumb_large.jpg
image.isu.pub/151014205659-ddf28263ab0481b1d10d46b752fd0a4b/jpg/
20 KB
21 KB
Image
General
Full URL
https://image.isu.pub/151014205659-ddf28263ab0481b1d10d46b752fd0a4b/jpg/page_1_thumb_large.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.134.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
002fe232f428a08bcbb7dc5875e8a0b4d8f672969ed7b81f6ca1fa540d2ad06e

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:09 GMT
via
1.1 varnish, 1.1 varnish
age
1044296
x-cache
HIT, MISS
status
200
content-length
20770
x-amz-id-2
Ieq7dL660SrcJADhr0/aBHDMcuzVV5HasEm5iJLt9nD+5Cdg0tVNrwnpVDniAUVc9dbb3WqhA0E=
x-served-by
cache-iad2135-IAD, cache-mad9450-MAD
last-modified
Wed, 14 Oct 2015 20:57:07 GMT
server
AmazonS3
x-timer
S1537281189.418891,VS0,VE97
etag
"3be85971032b5191c5d6387cfaf65592"
fastly-debug-digest
e3df8143b730bffafd0f5934404a79aad49756830a34b276e3e7ecfbb7bcc9a8
x-amz-request-id
14D7777774B42F53
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 0
HutchLetter.png
media.khi.org/img/news/documents/2014/01/29/
2 MB
2 MB
Image
General
Full URL
http://media.khi.org/img/news/documents/2014/01/29/HutchLetter.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
216.243.141.106 Saint Paul, United States, ASN7753 (GREENCLOUD - ipHouse, US),
Reverse DNS
msp-iph243-2106.arcustech.com
Software
Apache /
Resource Hash
a54df398650882e26be6d3a047bfffaed879f1dc6dac99fdc9a949510a3ac1c0

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Last-Modified
Wed, 29 Jan 2014 15:41:55 GMT
Server
Apache
ETag
"230e54-4f11dc7c896c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
2297428
395945206.png
www.pdffiller.com/preview/395/945/
11 KB
12 KB
Image
General
Full URL
https://www.pdffiller.com/preview/395/945/395945206.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19b::3c9a , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
087aa45be9296b76fc6b1a27214d6a632dd990c7e8d8503b70f7b94d1a171658

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:09 GMT
last-modified
Sat, 14 Jan 2017 05:42:19 GMT
server
nginx
etag
"8a1f327d1bbe60b257d6e60d3de06a1b"
content-type
image/png
status
200
cache-control
public, max-age=86400
content-length
11736
accept-ranges
bytes
x-img-cache
MISS
expires
Wed, 19 Sep 2018 14:33:09 GMT
letter-of-intent-to-enroll-in-school-free-letter-of-intent-for-school-enrollment-word-sample-download.jpg
jeffbuckley.info/wp-content/uploads/2018/04/
111 KB
111 KB
Image
General
Full URL
http://jeffbuckley.info/wp-content/uploads/2018/04/letter-of-intent-to-enroll-in-school-free-letter-of-intent-for-school-enrollment-word-sample-download.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6812:2cb8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c42c177b4c66f0c9dc5d8b2d1add76a8131758656829c2e4afd5606fa48754b8

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 06 Apr 2018 13:09:19 GMT
Server
cloudflare
ETag
"1bac5-5692dc39d4011"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
45c486aa802596b8-FRA
Content-Length
113349
Expires
Tue, 18 Sep 2018 18:33:09 GMT
College-Enrollment-Application-Letter-232x300.jpg
writeletter2.com/wp-content/uploads/2016/08/
16 KB
16 KB
Image
General
Full URL
http://writeletter2.com/wp-content/uploads/2016/08/College-Enrollment-Application-Letter-232x300.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
192.185.67.238 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
ccc728a73ca36e40ac087bf506e1e713ae5ca6fbf3f447840d5d1fb0728d51de

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Last-Modified
Mon, 15 Aug 2016 08:33:13 GMT
Server
nginx/1.14.0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16274
Content-Type
image/jpeg
gcsrt-enrollment-verificationdr-dorna-sheikh-1-638.jpg
image.slidesharecdn.com/d45a3c8f-5938-40a3-ab39-0e03aeb0c867-160619101903/95/
61 KB
62 KB
Image
General
Full URL
https://image.slidesharecdn.com/d45a3c8f-5938-40a3-ab39-0e03aeb0c867-160619101903/95/gcsrt-enrollment-verificationdr-dorna-sheikh-1-638.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.80 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cfbad5c992ac842ab2fdda27728d52ae8096111b2b41863a746bde4355787dd6

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
zWD9OGdy9kax2TC31WvbSdpMtSUsqsJT
Last-Modified
Sun, 19 Jun 2016 10:19:05 GMT
Server
AmazonS3
x-amz-request-id
24A80ED0D45D02B5
ETag
"5466311c9133532048fd2b864148cd22"
x-amz-id-2
fZ15/NpszBqmJaXuhnBFavkGletbtgSVSTLM5jVTUjB5tNZO9il5gyrxno/sUS2VaG23sWK9RI8=
Content-Type
image/jpeg
Cache-Control
max-age=604800
Date
Tue, 18 Sep 2018 14:33:09 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62793
X-CDN
AKAM
dcps.jpg
dcsafe.org/wp-content/uploads/2012/08/
85 KB
85 KB
Image
General
Full URL
http://dcsafe.org/wp-content/uploads/2012/08/dcps.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
132.148.50.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-132-148-50-109.ip.secureserver.net
Software
Apache /
Resource Hash
01e335398cb3b2531cbd0d3516bf4981a2f9c9a7f0daa7b4f66af933b619fe6f

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Last-Modified
Fri, 24 Aug 2012 16:19:28 GMT
Server
Apache
ETag
"15231-4c80557118400"
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86577
Expires
Sat, 17 Nov 2018 14:33:09 GMT
DUAL-ENROLLMENT-LETTER-TO-SUPERINTENDENTS.jpg
www.eyeonyavapaicollege.com/wp-content/uploads/
81 KB
74 KB
Image
General
Full URL
http://www.eyeonyavapaicollege.com/wp-content/uploads/DUAL-ENROLLMENT-LETTER-TO-SUPERINTENDENTS.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
66.147.244.120 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
box820.bluehost.com
Software
nginx/1.14.0 /
Resource Hash
2397c9beb3bd11d44214511a7ddc1bbf2c4af34fd0519791ec4ad4350818e72e

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Jul 2015 17:20:29 GMT
Server
nginx/1.14.0
Vary
Accept-Encoding
Content-Type
image/jpeg
Transfer-Encoding
chunked
X-Acc-Exp
600
Connection
keep-alive
X-Proxy-Cache
BYPASS www.eyeonyavapaicollege.com
dart_cert_sample.png
www.dartmouth.edu/~reg/images/
Redirect Chain
  • http://www.dartmouth.edu/~reg/images/dart_cert_sample.png
  • https://www.dartmouth.edu/~reg/images/dart_cert_sample.png
528 KB
528 KB
Image
General
Full URL
https://www.dartmouth.edu/~reg/images/dart_cert_sample.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
129.170.204.87 Hanover, United States, ASN10755 (DARTMOUTH-AS - Dartmouth College, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/5.6.37 mod_python/3.5.0- Python/2.7.5 mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
0a97e16b3c7d72a28d11623c188136198e5010845df529b5802a287d3fc39110

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Last-Modified
Thu, 05 Apr 2012 13:20:04 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/5.6.37 mod_python/3.5.0- Python/2.7.5 mod_perl/2.0.10 Perl/v5.16.3
ETag
"83fdb-4bcee65dc0900"
Content-Type
image/png
X-Cnection
close
Accept-Ranges
bytes
Content-Length
540635

Redirect headers

Location
https://www.dartmouth.edu/~reg/images/dart_cert_sample.png
Date
Tue, 18 Sep 2018 14:33:09 GMT
X-Cnection
close
Server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/5.6.37 mod_python/3.5.0- Python/2.7.5 mod_perl/2.0.10 Perl/v5.16.3
Content-Length
437
Content-Type
text/html; charset=iso-8859-1
re-enrollment-letter-20142015-1-638.jpg
image.slidesharecdn.com/re-enrollmentletter2014-2015-140214031130-phpapp02/95/
139 KB
140 KB
Image
General
Full URL
https://image.slidesharecdn.com/re-enrollmentletter2014-2015-140214031130-phpapp02/95/re-enrollment-letter-20142015-1-638.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.80 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a2c347f14c2dc771c1236a68708b39fb20a8f6181be2cb21ca7590ec95d9ca1f

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
vw5WoXZfWAgJ18BNFkNgdyWptV61_mZ7
Last-Modified
Fri, 14 Feb 2014 09:11:36 GMT
Server
AmazonS3
x-amz-request-id
8A3425714AF733FD
ETag
"92519645903a029e2803d71549182504"
x-amz-id-2
jHkUc4PuWal5V3f1l9JFdGLIO1Xk8V7GG3Ei6j3PP9oCKzuh4TxhhLfh6eAta8c1EGvI/51+79Y=
Content-Type
image/jpeg
Cache-Control
max-age=604800
Date
Tue, 18 Sep 2018 14:33:09 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142771
X-CDN
AKAM
step-1-ev-letter.gif
www.ucalgary.ca/registrar/files/registrar/
17 KB
18 KB
Image
General
Full URL
https://www.ucalgary.ca/registrar/files/registrar/step-1-ev-letter.gif
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
136.159.96.125 Calgary, Canada, ASN33091 (U-CALGARY - University of Calgary, CA),
Reverse DNS
www.ucalgary.ca
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
710e7af32e9c06f68869c07aa2f561afb925ad07aa91bcddef12aa2626e8531e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Mar 2016 04:23:45 GMT
Server
Apache/2.2.15 (Red Hat)
Cache-Control
max-age=1209600
ETag
"c0f3bb46-4524-52d81f26fd640"
Content-Type
image/gif
X-Cnection
close
Accept-Ranges
bytes
Content-Length
17700
Expires
Tue, 02 Oct 2018 14:33:10 GMT
12129653.png
www.pdffiller.com/preview/12/129/
9 KB
9 KB
Image
General
Full URL
https://www.pdffiller.com/preview/12/129/12129653.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19b::3c9a , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
df68cad6c331587b6a147494f6de1699146a8e8bdc3d8f5c76a33f3c40a2791d

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:09 GMT
last-modified
Sat, 16 Dec 2017 22:18:51 GMT
server
nginx
etag
"f9f5fcf4196a97a912cc057aa3db44e5"
content-type
image/png
status
200
cache-control
public, max-age=86400
content-length
9090
accept-ranges
bytes
x-img-cache
MISS
expires
Wed, 19 Sep 2018 14:33:09 GMT
degree-verification-letter-sample-enrollment-verification-letter-sample_201192.png
iwsp5.org/wp-content/uploads/2018/04/
64 KB
64 KB
Image
General
Full URL
http://iwsp5.org/wp-content/uploads/2018/04/degree-verification-letter-sample-enrollment-verification-letter-sample_201192.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
67.222.22.151 Seattle, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US),
Reverse DNS
host.intern-resume.com
Software
Apache /
Resource Hash
eacc7914a7337c882d35e9f384f811fa5517c1f543aaddf0266c9aa7697e8e42

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Last-Modified
Wed, 18 Apr 2018 03:07:31 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
65513
69551409.gif
www.irs.gov/pub/xml_bc/
71 KB
72 KB
Image
General
Full URL
https://www.irs.gov/pub/xml_bc/69551409.gif
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:591::f50 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
c5bb690bdd3caaa62c24b5f34dff4878865d9b75d629df81a4068f33ff57bc75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
35, 35
date
Tue, 18 Sep 2018 14:33:10 GMT
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0, 1
status
200
x-age
0
x-ah-environment
prod
content-length
72922
x-request-id
v-c42087b2-bb4f-11e8-9aa3-0a61c2814d26
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000
x-varnish
1011385475
cache-control
max-age=86400
accept-ranges
bytes
content-type
image/gif
expires
Wed, 19 Sep 2018 14:33:10 GMT
1472167452240.png
www.sfu.ca/content/sfu/students/records/confirmation-of-enrollment/jcr:content/main_content/image.img.1280.high.png/
24 KB
24 KB
Image
General
Full URL
https://www.sfu.ca/content/sfu/students/records/confirmation-of-enrollment/jcr:content/main_content/image.img.1280.high.png/1472167452240.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.58.102.68 Burnaby, Canada, ASN11105 (SFU-AS - Simon Fraser University, CA),
Reverse DNS
buntzenf.sfu.ca
Software
Apache /
Resource Hash
cc8e4e9ddc14854f8056c004e5e4611aa5422a35fe477d096f1b4e5d4e0c01b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Aug 2016 23:24:12 GMT
Server
Apache
box
b5 D=32894 t=1537281190361186
Transfer-Encoding
chunked
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=200
step-2-ev-letter.gif
www.ucalgary.ca/registrar/files/registrar/
46 KB
46 KB
Image
General
Full URL
https://www.ucalgary.ca/registrar/files/registrar/step-2-ev-letter.gif
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
136.159.96.125 Calgary, Canada, ASN33091 (U-CALGARY - University of Calgary, CA),
Reverse DNS
www.ucalgary.ca
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
83947075161da038579040223e11f76522d63beee23a873196a6eed96a5921fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Mar 2016 04:28:20 GMT
Server
Apache/2.2.15 (Red Hat)
Cache-Control
max-age=1209600
ETag
"c0f3bb47-b641-52d8202d40100"
Content-Type
image/gif
X-Cnection
close
Accept-Ranges
bytes
Content-Length
46657
Expires
Tue, 02 Oct 2018 14:33:10 GMT
HBE_CC_170822_EE017-Time-to-renew-your-coverage-thumbnail_Page_01-232x300.png
www.wahbexchange.org/wp-content/uploads/2015/10/
30 KB
30 KB
Image
General
Full URL
https://www.wahbexchange.org/wp-content/uploads/2015/10/HBE_CC_170822_EE017-Time-to-renew-your-coverage-thumbnail_Page_01-232x300.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.33.94 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-33-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ac599c1ed11feea50a7fe8573e148fef75cf02b448cbeebe75d86eae37f7082f

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
xkey
odbtiunrUoc8z2AqznAk InCJ151E1JSKztRG0klo
X-Pantheon-Environment
live
Connection
keep-alive
Content-Length
30511
Surrogate-Key
odbtiunrUoc8z2AqznAk InCJ151E1JSKztRG0klo
Last-Modified
Wed, 23 Aug 2017 17:04:17 GMT
Server
nginx
Cache-Control
max-age=11688
ETag
"599db591-772f"
X-Varnish
689146964
X-Styx-Req-Id
styx-7d16dc427c4a65719937cd65ce14d573
Expires
Tue, 18 Sep 2018 17:47:58 GMT
Surrogate-Key-Raw
Accept-Ranges
bytes
Content-Type
image/png
X-Pantheon-Site
17243bbe-a0ee-498f-82d3-355aa77390b0
X-Pantheon-Styx-Hostname
styx1620eba7
Enrollment%20Verification.png
www.miracosta.edu/studentservices/studenthelp/tutorials/surf/Images/
115 KB
115 KB
Image
General
Full URL
http://www.miracosta.edu/studentservices/studenthelp/tutorials/surf/Images/Enrollment%20Verification.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
209.129.30.14 Oceanside, United States, ASN2152 (CSUNET-NW - California State University, Office of the Chancellor, US),
Reverse DNS
www.miracosta.edu
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
774150796edf3065963d2b1b9d7f6de7fb1073feb57044501183b1c5d6baea0f

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Last-Modified
Wed, 21 Sep 2016 01:07:42 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"043b28da413d21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
117383
step1.png
grad.ucalgary.ca/files/grad/styles/panopoly_image_full/public/
Redirect Chain
  • https://grad.ucalgary.ca/grad/files/grad/styles/panopoly_image_full/public/step1.png
  • https://grad.ucalgary.ca/files/grad/styles/panopoly_image_full/public/step1.png
106 KB
106 KB
Image
General
Full URL
https://grad.ucalgary.ca/files/grad/styles/panopoly_image_full/public/step1.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
136.159.96.125 Calgary, Canada, ASN33091 (U-CALGARY - University of Calgary, CA),
Reverse DNS
www.ucalgary.ca
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
5c6d067d73f2bf19f2ec19f97302c1393bfbea8fc4b0300ec5d4481baf897b28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Aug 2012 03:33:22 GMT
Server
Apache/2.2.15 (Red Hat)
Cache-Control
max-age=1209600
ETag
"c0f65f84-1a7b8-4c84b1aa58480"
Content-Type
image/png
X-Cnection
close
Accept-Ranges
bytes
Content-Length
108472
Expires
Tue, 02 Oct 2018 14:33:10 GMT

Redirect headers

Location
https://grad.ucalgary.ca/files/grad/styles/panopoly_image_full/public/step1.png
Date
Tue, 18 Sep 2018 14:33:10 GMT
X-Cnection
close
Server
Apache/2.2.15 (Red Hat)
Content-Length
347
Content-Type
text/html; charset=iso-8859-1
011984315_1-1523c95b01eb3760f433ab1e088888bb-260x520.png
s2.studylib.net/store/data/
Redirect Chain
  • http://s2.studylib.net/store/data/011984315_1-1523c95b01eb3760f433ab1e088888bb-260x520.png
  • https://s2.studylib.net/store/data/011984315_1-1523c95b01eb3760f433ab1e088888bb-260x520.png
9 KB
10 KB
Image
General
Full URL
https://s2.studylib.net/store/data/011984315_1-1523c95b01eb3760f433ab1e088888bb-260x520.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::ac40:8217 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
862859140dc8f375e26efba5ce167f0365f5e6cafb0d02ea0ebc2d7555644132

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:10 GMT
content-encoding
gzip
cf-cache-status
MISS
display
staticcontent_sol
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Accept-Encoding,X-APP-JSON
content-type
image/png
cache-control
public, max-age=2592000
cf-ray
45c486b02b679706-FRA
link
<http://studylib.net/doc/011984315>; rel="canonical"
expires
Thu, 18 Oct 2018 14:33:10 GMT

Redirect headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://s2.studylib.net/store/data/011984315_1-1523c95b01eb3760f433ab1e088888bb-260x520.png
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45c486afd60a64bd-FRA
Expires
Tue, 18 Sep 2018 15:33:10 GMT
Sample-enrollment-letter.jpg
www.handskorea.com/wp-content/uploads/2018/04/
81 KB
81 KB
Image
General
Full URL
http://www.handskorea.com/wp-content/uploads/2018/04/Sample-enrollment-letter.jpg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
183.111.182.213 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
891f22107256c0fa845c5c42cc70cf2ac1b055a3c07aefd2448a766354808396

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Last-Modified
Mon, 23 Apr 2018 06:35:42 GMT
Server
nginx
ETag
"fd8df7-14316-5add7ebe"
P3P
CP='NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE'
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
82710
1389127995524.JPG
www.sfu.ca/content/sfu/dean-gradstudies/blog/year/2013/04/ConfirmationofEnrollment/jcr:content/main_content/image_0.img.1280.high.jpg/
20 KB
20 KB
Image
General
Full URL
https://www.sfu.ca/content/sfu/dean-gradstudies/blog/year/2013/04/ConfirmationofEnrollment/jcr:content/main_content/image_0.img.1280.high.jpg/1389127995524.JPG
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.58.102.68 Burnaby, Canada, ASN11105 (SFU-AS - Simon Fraser University, CA),
Reverse DNS
buntzenf.sfu.ca
Software
Apache /
Resource Hash
e49d452fba3cd6b0f98ccc918d54acf07b4a944c51252dd4ed3261d41016cba3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jan 2014 20:53:15 GMT
Server
Apache
box
b4 D=41465 t=1537281190545911
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=199
Purple-Heart-Hall-of-Honor-Letter.jpeg
www.daviswilliamsfamilytree.com/wp-content/uploads/2010/01/
1 MB
1 MB
Image
General
Full URL
http://www.daviswilliamsfamilytree.com/wp-content/uploads/2010/01/Purple-Heart-Hall-of-Honor-Letter.jpeg
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
66.147.244.163 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
box663.bluehost.com
Software
nginx/1.14.0 /
Resource Hash
3ea1805f6cdd44871fb4579065abafcfa1b5fb3d8388ac84d92a182e0ba5a7ce

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jan 2010 15:30:32 GMT
Server
nginx/1.14.0
Vary
Accept-Encoding
Content-Type
image/jpeg
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
enrollment-verification-sample.png
international.valenciacollege.edu/wp-content/uploads/sites/5/2014/09/
31 KB
31 KB
Image
General
Full URL
http://international.valenciacollege.edu/wp-content/uploads/sites/5/2014/09/enrollment-verification-sample.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
199.87.225.248 Orlando, United States, ASN22487 (VALENCIA - Valencia College, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
60e5db9f52b1d0ca67da07b9e0000382714766a1707fc9491553c6aabc0a884b
Security Headers
Name Value
X-Frame-Options ALLOWFROM *.addthis.com

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Last-Modified
Mon, 23 Mar 2015 20:59:51 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"604b04eac65d01:0"
X-Frame-Options
ALLOWFROM *.addthis.com
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
31832
X-UA-Compatible
IE=edge
Enrollment-Verification-selection_reference.png
sc.my.fsu.edu/sites/g/files/imported/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/
Redirect Chain
  • https://sc.my.fsu.edu/var/ezwebin_site/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png
  • http://sc.my.fsu.edu/sites/g/files/imported/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png
  • https://sc.my.fsu.edu/sites/g/files/imported/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png
29 KB
30 KB
Image
General
Full URL
https://sc.my.fsu.edu/sites/g/files/imported/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.108.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-108-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dc1c79e675f81f5ebd475e41f2d8814826982065455d065d2cc9906b41434be2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 14:33:11 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jul 2016 19:43:03 GMT
server
nginx
accept-ranges
bytes
content-type
image/png
status
200
cache-control
max-age=1209600
x-ah-environment
01live
content-length
30047
x-request-id
04b078fcf4698ad56c3c1c40a05d6437
expires
Tue, 02 Oct 2018 14:33:11 GMT

Redirect headers

Date
Wed, 12 Sep 2018 08:28:01 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Server
nginx
Age
540310
X-Cache
HIT
Content-Type
text/html; charset=iso-8859-1
Location
https://sc.my.fsu.edu/sites/g/files/imported/storage/images/media/images/all-common-shared-graphics/enrollment-verification-selection/1168184-1-eng-US/Enrollment-Verification-selection_reference.png
Expires
Wed, 26 Sep 2018 08:28:01 GMT
Cache-Control
max-age=1209600
X-Varnish
4395449 758417
Connection
keep-alive
Content-Length
406
X-Request-ID
v-c2c6e8fa-b665-11e8-a104-0680f3148480
X-Cache-Hits
120
counter.js
www.statcounter.com/counter/
28 KB
11 KB
Script
General
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
104.20.3.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03da92f035c699a414e7379fc4e431b20d29e4901ed6b1172eb30f2d7308c2ca

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Apr 2017 13:36:00 GMT
Server
cloudflare
ETag
W/"59034540-7083"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
45c486aa307c2744-FRA
Expires
Wed, 19 Sep 2018 02:33:09 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=carnaval.jmsmusic.co
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Sep 2018 14:33:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=carnaval.jmsmusic.co
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Sep 2018 14:33:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-2847924964309114.js
pagead2.googlesyndication.com/pub-config/r20160913/
469 B
363 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-2847924964309114.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
765d4c86974ad7bba54ea7307116389923c80f7d7e8878edd9841bb2c0e68676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 08:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Sep 2018 21:19:06 GMT
server
sffe
age
20699
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
240
x-xss-protection
1; mode=block
expires
Tue, 18 Sep 2018 20:48:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180912/r20180604/ Frame A319
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180912/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180912/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://carnaval.jmsmusic.co/enrollment-letter/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
601B247E67329B7D168A85EF1FCE1381
Referer
http://carnaval.jmsmusic.co/enrollment-letter/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 12 Sep 2018 14:19:38 GMT
expires
Wed, 26 Sep 2018 14:19:38 GMT
content-type
text/html; charset=UTF-8
etag
18162506661661110595
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6931
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
519211
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/ Frame 72E5
198 KB
73 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
69b89c7eb6a4b343cf690520241902412e60955a75c30cf7a3ccaac5381d869f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 18 Sep 2018 14:33:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
11971346504908387834
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
74615
X-XSS-Protection
1; mode=block
Expires
Tue, 18 Sep 2018 14:33:09 GMT
t.php
c.statcounter.com/
49 B
602 B
Image
General
Full URL
http://c.statcounter.com/t.php?sc_project=11825265&java=1&security=433c991e&u1=409269049C0D4FB7D67842852A61F2BC&sc_random=0.15424823884261407&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//carnaval.jmsmusic.co/enrollment-letter/&t=enrollment%20letter%20-%20Carnaval.jmsmusic.co&sc_snum=1&sess=7a9eb4&p=0&invisible=1
Requested by
Host: carnaval.jmsmusic.co
URL: http://carnaval.jmsmusic.co/enrollment-letter/
Protocol
HTTP/1.1
Server
104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Sep 2018 14:33:10 GMT
Server
cloudflare
P3P
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Content-Type
image/gif
Connection
keep-alive
CF-RAY
45c486b1b61c6487-FRA
Content-Length
49
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D50D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=2334071881&adf=4269902810&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189410&bpp=19&bdt=61&fdt=24&idt=133&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&correlator=6839365392937&frm=20&pv=2&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=10920&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=179&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=tFByGWKsPv&p=http%3A//carnaval.jmsmusic.co&dtd=172
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=2334071881&adf=4269902810&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189410&bpp=19&bdt=61&fdt=24&idt=133&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&correlator=6839365392937&frm=20&pv=2&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=10920&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=179&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=tFByGWKsPv&p=http%3A//carnaval.jmsmusic.co&dtd=172
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://carnaval.jmsmusic.co/enrollment-letter/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
601B247E67329B7D168A85EF1FCE1381
Referer
http://carnaval.jmsmusic.co/enrollment-letter/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Sep 2018 14:33:09 GMT
server
cafe
cache-control
private
content-length
382
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Sep-2018 14:48:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Tue, 18 Sep 2018 14:33:09 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/
73 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
365fce5495070e9ef051c86a561a1c7f30bd3c6a19e7c334f6a9df208fe74d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://carnaval.jmsmusic.co/enrollment-letter/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 14:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27012
x-xss-protection
1; mode=block
server
cafe
etag
2170183139691279436
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Sep 2018 14:49:16 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/ Frame 6DFE
198 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
69b89c7eb6a4b343cf690520241902412e60955a75c30cf7a3ccaac5381d869f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
11971346504908387834
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
74615
X-XSS-Protection
1; mode=block
Expires
Tue, 18 Sep 2018 14:33:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6E8D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=2334071881&adf=1874828634&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189434&bpp=12&bdt=86&fdt=175&idt=177&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6839365392937&frm=20&pv=1&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=43688&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=2674&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=VJKNlzn54T&p=http%3A//carnaval.jmsmusic.co&dtd=186
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=2334071881&adf=1874828634&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189434&bpp=12&bdt=86&fdt=175&idt=177&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6839365392937&frm=20&pv=1&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=43688&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=2674&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=VJKNlzn54T&p=http%3A//carnaval.jmsmusic.co&dtd=186
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://carnaval.jmsmusic.co/enrollment-letter/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
601B247E67329B7D168A85EF1FCE1381
Referer
http://carnaval.jmsmusic.co/enrollment-letter/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Sep 2018 14:33:09 GMT
server
cafe
cache-control
private
content-length
383
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Sep-2018 14:48:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Tue, 18 Sep 2018 14:33:09 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/ Frame B36C
198 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
69b89c7eb6a4b343cf690520241902412e60955a75c30cf7a3ccaac5381d869f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Tue, 18 Sep 2018 14:33:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
11971346504908387834
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
74615
X-XSS-Protection
1; mode=block
Expires
Tue, 18 Sep 2018 14:33:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8456
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=3767829518&adf=2153072432&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189446&bpp=10&bdt=97&fdt=191&idt=193&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6839365392937&frm=20&pv=1&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=43688&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1019&ady=162&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&fsb=1&xpc=nPXeo7mu5u&p=http%3A//carnaval.jmsmusic.co&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180912/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2847924964309114&output=html&h=280&slotname=2323411288&adk=3767829518&adf=2153072432&w=336&lmt=1537281189&guci=1.2.0.0.2.2.0&format=336x280&url=http%3A%2F%2Fcarnaval.jmsmusic.co%2Fenrollment-letter%2F&flash=0&wgl=1&adsid=NT&dt=1537281189446&bpp=10&bdt=97&fdt=191&idt=193&shv=r20180912&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6839365392937&frm=20&pv=1&ga_vid=1800984158.1537281190&ga_sid=1537281190&ga_hid=2023154918&ga_fc=0&iag=0&icsg=43688&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1019&ady=162&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&fsb=1&xpc=nPXeo7mu5u&p=http%3A//carnaval.jmsmusic.co&dtd=210
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://carnaval.jmsmusic.co/enrollment-letter/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
601B247E67329B7D168A85EF1FCE1381
Referer
http://carnaval.jmsmusic.co/enrollment-letter/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Sep 2018 14:33:09 GMT
server
cafe
cache-control
private
content-length
19424
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Sep-2018 14:48:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Tue, 18 Sep 2018 14:33:09 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| adsbygoogle number| sc_project number| sc_invisible string| sc_security string| scJsHost object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy number| sc_width number| sc_height string| sc_referer number| sc_unique number| sc_returning number| sc_returns number| sc_error number| sc_remove number| sc_cls number| sc_inv string| sc_os string| sc_title string| sc_url string| sc_base_dir string| sc_click_dir string| sc_link_back_start string| sc_link_back_end string| sc_security_code string| sc_http_url string| sc_host string| sc_dc string| sc_alt_text string| sc_counter_size number| sc_prerendering string| sc_uuid string| sc_uuid_q string| sc_unique_returning string| sc_sp function| _sc_strip_tags function| _sc_sanitiseTags function| _sc_validateTags function| getTagString function| isValidEventName undefined| _statcounter_pending object| _statcounter number| sc_script_num object| _sc_imgs string| sc_pageview_tag_string number| _sc_project_int boolean| _sc_apply_mar_2017_fixes number| clickstat_done number| clickstat_project string| clickstat_security string| dlext string| ltype string| second object| dl object| lnk object| domsec string| host_name object| host_splitted string| domain string| host_split string| lnklocal_mask object| lnklocal object| anchors object| anchor undefined| original_click undefined| s undefined| bs undefined| head undefined| ps undefined| pe undefined| params undefined| plist undefined| body undefined| insert undefined| final_body undefined| ev_head undefined| ev_params undefined| ev_sep undefined| sc_i undefined| ev_foot undefined| ev_final string| sc_gsyn_pattern string| sc_gsyn_pattern2 undefined| sc_px undefined| sc_py undefined| sc_existing function| sc_none function| sc_delay function| sc_clickstat_call function| sc_adsense_click function| sc_adsense_init function| sc_getmouse function| sc_findy function| sc_findx function| sc_exitpage string| sc_doc_loc object| myRE object| sc_date number| sc_time number| sc_time_difference string| cookie_value object| expiration number| sc_call function| init object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.cdn.edl.io
adservice.google.com
adservice.google.de
c.statcounter.com
carnaval.jmsmusic.co
dcsafe.org
developers.google.com
googleads.g.doubleclick.net
grad.ucalgary.ca
granitestateartsmarket.com
hcsablog.com
image.isu.pub
image.slidesharecdn.com
international.valenciacollege.edu
iwsp5.org
jeffbuckley.info
media.khi.org
pagead2.googlesyndication.com
s2.studylib.net
sc.my.fsu.edu
stimulprofit.com
studentclearinghouse.info
web2.uconn.edu
writeletter2.com
www.dartmouth.edu
www.daviswilliamsfamilytree.com
www.eyeonyavapaicollege.com
www.handskorea.com
www.irs.gov
www.korvia.com
www.miracosta.edu
www.pdffiller.com
www.rocketlawyer.net
www.schoolleader.com
www.sfu.ca
www.statcounter.com
www.ucalgary.ca
www.wahbexchange.org
104.20.2.47
104.20.3.47
129.170.204.87
132.148.50.109
136.159.96.125
137.99.25.182
142.58.102.68
151.101.134.110
151.101.134.56
183.111.182.213
192.185.67.238
199.87.225.248
2.18.232.80
2.19.33.94
209.129.30.14
216.243.141.106
216.70.115.38
23.96.80.131
2400:cb00:2048:1::6812:2cb8
2400:cb00:2048:1::681c:1390
2600:1400:d:591::f50
2600:9000:200c:dc00:5:bc52:5840:93a1
2606:4700:30::ac40:8217
2606:4700:30::ac40:8317
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:820::200e
2a00:1450:4001:824::2002
2a02:26f0:6c00:19b::3c9a
35.203.142.153
45.77.110.16
50.62.242.1
52.205.108.105
66.147.244.120
66.147.244.163
67.222.22.151
89.163.146.143
002fe232f428a08bcbb7dc5875e8a0b4d8f672969ed7b81f6ca1fa540d2ad06e
01e335398cb3b2531cbd0d3516bf4981a2f9c9a7f0daa7b4f66af933b619fe6f
03da92f035c699a414e7379fc4e431b20d29e4901ed6b1172eb30f2d7308c2ca
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
087aa45be9296b76fc6b1a27214d6a632dd990c7e8d8503b70f7b94d1a171658
094ea542bbbada91b44b0d86f11108da6e7d4fca9094a754d814d643d0f2df36
0a97e16b3c7d72a28d11623c188136198e5010845df529b5802a287d3fc39110
22f9b35c57b90a02d6e074a1f0ee96e9f72342af0e2e6c6d2795e1501d86ab9a
2397c9beb3bd11d44214511a7ddc1bbf2c4af34fd0519791ec4ad4350818e72e
2a8e20c580b541e6edd357991e5901a33f937cf7b235cf22aaf9189b8f1fd3a4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31ccb8b71232a8e9768318e93791c38e48bca8341167a406d1df7d59a052cc63
3508f12bf4034fcd6bd9831b0f6e410f75e167a7a21230cd24a9d98ef71cc3df
365fce5495070e9ef051c86a561a1c7f30bd3c6a19e7c334f6a9df208fe74d35
3ea1805f6cdd44871fb4579065abafcfa1b5fb3d8388ac84d92a182e0ba5a7ce
3ee29a553bd36f08a28e4ba511c600390a1b634bccba86cccfa8eed2864d2074
42ea4720deba0e5c0f5651914567dc46ca4bd334e88487ae49c45957100b11d9
5ab97f94053b3db11d06cbfbfbed439f9a263ba2d1d11b9d271bc2f218d6cf28
5c6d067d73f2bf19f2ec19f97302c1393bfbea8fc4b0300ec5d4481baf897b28
60e5db9f52b1d0ca67da07b9e0000382714766a1707fc9491553c6aabc0a884b
69b89c7eb6a4b343cf690520241902412e60955a75c30cf7a3ccaac5381d869f
6fc30373e5daebe45e5448d90385c64c51440ca01c985d3279db56ceff6b6b91
710e7af32e9c06f68869c07aa2f561afb925ad07aa91bcddef12aa2626e8531e
74860e6394e32cdb7cbfbcbf06ddbe2be3ffa206b58558e90a2a0a9d15a193ac
7497060b1e18dd7009d0805ecc88c430cbc7bc378800e64e689b94bca2152c7c
765d4c86974ad7bba54ea7307116389923c80f7d7e8878edd9841bb2c0e68676
774150796edf3065963d2b1b9d7f6de7fb1073feb57044501183b1c5d6baea0f
83947075161da038579040223e11f76522d63beee23a873196a6eed96a5921fa
862859140dc8f375e26efba5ce167f0365f5e6cafb0d02ea0ebc2d7555644132
891f22107256c0fa845c5c42cc70cf2ac1b055a3c07aefd2448a766354808396
a2c347f14c2dc771c1236a68708b39fb20a8f6181be2cb21ca7590ec95d9ca1f
a54df398650882e26be6d3a047bfffaed879f1dc6dac99fdc9a949510a3ac1c0
ac599c1ed11feea50a7fe8573e148fef75cf02b448cbeebe75d86eae37f7082f
ad98da1a36152a41bbaa821f5f53616d15a82b0ee83c76d4a133aa57137bdc56
b63ab4e309f431549f4aca037e667cd0890a5da62b4614d16b2ea99cdc9dc433
c42c177b4c66f0c9dc5d8b2d1add76a8131758656829c2e4afd5606fa48754b8
c5bb690bdd3caaa62c24b5f34dff4878865d9b75d629df81a4068f33ff57bc75
cc8e4e9ddc14854f8056c004e5e4611aa5422a35fe477d096f1b4e5d4e0c01b8
ccc728a73ca36e40ac087bf506e1e713ae5ca6fbf3f447840d5d1fb0728d51de
cfbad5c992ac842ab2fdda27728d52ae8096111b2b41863a746bde4355787dd6
d756f51a6d42e7e23ed0a73414dd4b4a00c0ee67f243b92150e10e7d74b08c91
d91b2751b125fe0c18142bdf9b7fc7cc448d4caeca85ad4760140a77e4e34771
dc1c79e675f81f5ebd475e41f2d8814826982065455d065d2cc9906b41434be2
df68cad6c331587b6a147494f6de1699146a8e8bdc3d8f5c76a33f3c40a2791d
e4321f8c4a4a0c46ce234e29c0924dd18842a07d085243c9b90b5393bc62df07
e49d452fba3cd6b0f98ccc918d54acf07b4a944c51252dd4ed3261d41016cba3
e529f23fddb5ab25f214c37945e933de8c639c44809fc140547160b44c663bc6
eacc7914a7337c882d35e9f384f811fa5517c1f543aaddf0266c9aa7697e8e42