Report - cedofarmers.org/tmiu/qakbot.zip

Report Overview

Submitted URL
cedofarmers.org/tmiu/qakbot.zip
IP
192.185.57.117
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-11-08 22:20:53
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
340

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
static.xx.fbcdn.net	661	2012-12-01T14:12:13Z	2023-03-10T05:12:12Z	5.8 kB	192 kB	31.13.72.12
syndication.twitter.com	833	2013-09-20T03:46:47Z	2023-03-10T13:45:02Z	6.3 kB	8.1 kB	104.244.42.200
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-10T11:05:46Z	924 B	2.1 kB	172.64.133.15
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.7 kB	7.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	423 B	6.7 kB	104.17.25.14
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.0 kB	2.2 kB	93.184.220.29
platform.twitter.com	597	2012-05-21T05:34:05Z	2023-03-10T13:54:25Z	6.3 kB	516 kB	192.229.233.25
abs.twimg.com	1724	2013-04-11T00:09:30Z	2023-03-10T12:26:31Z	423 B	2.7 kB	152.199.21.141
pbs.twimg.com	624	2012-09-06T02:07:06Z	2023-03-10T12:46:49Z	1.7 kB	152 kB	151.101.84.159
cedofarmers.org	unknown	2015-12-19T09:46:03Z	2023-02-21T02:00:00Z	80 kB	7.7 MB	192.185.57.117
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.214.64.191
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	729 B	19 kB	31.13.72.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	62 kB	34.120.237.76
scontent-arn2-2.xx.fbcdn.net	87860	2018-12-13T20:32:03Z	2023-03-10T10:00:27Z	640 B	2.7 kB	157.240.194.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-08	medium	cedofarmers.org/tmiu/qakbot.zip	Malware
2022-11-08	medium	cedofarmers.org/index.php	Malware
2022-11-08	medium	cedofarmers.org/js/jquery-migrate-3.0.1.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/popper.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/jquery.animateNumber.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/jquery.easing.1.3.js	Malware
2022-11-08	medium	cedofarmers.org/js/jquery.waypoints.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/main.js	Malware
2022-11-08	medium	cedofarmers.org/js/aos.js	Malware
2022-11-08	medium	cedofarmers.org/js/index.js	Malware
2022-11-08	medium	cedofarmers.org/js/scrollax.min.js	Malware
2022-11-08	medium	cedofarmers.org/main.js	Malware
2022-11-08	medium	cedofarmers.org/js/google-map.js	Malware
2022-11-08	medium	cedofarmers.org/js/jquery.timepicker.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/jquery.stellar.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/jquery.magnific-popup.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/bootstrap-datepicker.js	Malware
2022-11-08	medium	cedofarmers.org/js/owl.carousel.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/bootstrap.min.js	Malware
2022-11-08	medium	cedofarmers.org/js/google-map.js	Malware
2022-11-08	medium	cedofarmers.org/images/favicon/usikate.ico	Malware
2022-11-08	medium	cedofarmers.org/fonts/ionicons/fonts/ionicons.ttf?v=4.0.0-19	Malware
2022-11-08	medium	cedofarmers.org/js/jquery.min.js	Malware
2022-11-08	medium	cedofarmers.org/fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed
2022-11-08	medium	cedofarmers.org	Sinkholed

JavaScript (60)

	URL	Size	First Seen	Last Seen
	cedofarmers.org/js/jquery.stellar.min.js	13 kB	2023-03-07	2024-04-24
Pretty URL cedofarmers.org/js/jquery.stellar.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-24 13:45:07 Times Seen2096 Hash 257c1e014bfdf359297cf2a80440a0ba c0655887944d3b358be98b7d6cd0dcdc975a6b3e 1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	7.3 kB	2023-03-11	2023-03-11
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:13:46 Last Seen2023-03-11 09:13:46 Times Seen1 Hash 04cc01103739b45a4303307c5abe9ffb d031dc1a6409629bfd3e5632abb6cefd316bc43a 4dd9f56414289857645570b260005de6479e0d360c08ba1eb6e77eb5d67a1d58 Loading...

	platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js	2.6 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:23 Last Seen2023-03-11 23:50:53 Times Seen1 Hash ff2a4a029f711ed6f7dcb3f1f834609a 56769115e929960027a4a5193f234ae196cd3130 9e9de6d094db7385e648d25686207bbd961fc21b563a0ebb176e59ed9526ae07 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz	588 B	2023-03-07	2023-03-17
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-03-17 12:55:43 Times Seen1 Hash 797945074d50ebf2563eb393179094fa 8045daea4cd83c16d12995d47fd03a16f5a7d5df 2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8 Loading...

	platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js	152 kB	2023-03-07	2023-03-17
Pretty URL platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:46 Last Seen2023-03-17 12:48:08 Times Seen1 Hash 72929dff5e574c1b877555fd36c7683a 79d4896c68a7a959a4c9e7cbcd1dc209cb6351f1 222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8 Loading...

	cedofarmers.org/index.php	41 B	2023-03-07	2024-04-25
Pretty URL cedofarmers.org/index.php IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-25 04:28:01 Times Seen7146 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	391 B	2023-03-11	2023-03-11
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:13:46 Last Seen2023-03-11 09:13:46 Times Seen1 Hash a1b08776131439ee36e6763339461e0d 17387dedc626f362feb895a049a0f77af28e77d7 6645748b1730484adf2e897410dc17a77d3aacd55b2ff71333d82aab12ade738 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	218 B	2023-03-07	2024-04-24
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-24 20:57:48 Times Seen12515 Hash 23731f926ba1b7856c53bf9c572f9e96 52618c2e6dd1bce8956fd2e2872c524eb1fd59d6 dbf6a6f99233910115437a7d602f004b1287d55441d4f751d152bf216375c07a Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz	5.4 kB	2023-03-07	2023-03-17
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-03-17 21:22:50 Times Seen1 Hash ece87b14cdf4e70296671c6b6ed11992 8882bac40a57ad20036359600943ceea8911898c 90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d Loading...

	static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz	25 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:52:51 Last Seen2023-03-11 10:26:47 Times Seen1 Hash b17d8becf2fdf9f9e37d55ca8ec1a347 8f565e423a6fb60198db86866492cefdf4f04364 102a9f1fca2044306ecec1ac2fe470c9764e7fce92b18897e3f87d7d5d2b4b87 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz	25 kB	2023-03-07	2023-03-17
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-03-17 12:55:43 Times Seen1 Hash 04551bbefc783773edf23064b1b08ffe 8ee54463dff5f0443fe2afdb72cd200e8aebc390 de196fa938446c7486bcecc14b72919df6f78871a4af22c4f168a2785a0139ff Loading...

	platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js	611 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:41:28 Last Seen2023-03-11 23:50:47 Times Seen1 Hash f8a649284ac45133fc2c0b92defbd7b3 381dece9be476572563760c277ac902449070d61 d2cf364cab1d465f08450bc1033aef3a648324781b68449c5b1a8a86337e6e9d Loading...

	cedofarmers.org/js/popper.min.js	19 kB	2023-03-07	2024-04-15
Pretty URL cedofarmers.org/js/popper.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:39 Last Seen2024-04-15 23:53:50 Times Seen1489 Hash 068d64fd1715635226e7a4b91017c6cf ca344d4feda098dc568fea9591be7beefcc6b2aa 072214cac2642148ff8266b18c82fdc64428932369da84dec0562cf01ca58d32 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz	53 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:11:47 Last Seen2023-03-11 10:30:46 Times Seen1 Hash 282bb1aa3e9ec32f2a454287a01d19d3 7425763c5474781841f367c0ad156856bda54428 511bb2e3d878baab516a36f721819aa1c99a0e7ca1ffdaad02aaefdffbf87445 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	15 kB	2023-03-11	2023-03-11
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:13:46 Last Seen2023-03-11 09:13:46 Times Seen1 Hash c682e5bf0fe7b32c88d177e48ee9839e 224a86447fa9449e2831a433e7a536f39a1954ff 6e52c4160476ac6c59049e1215e1b1fcd3834231723d174c0b27ff4e141c0c88 Loading...

	cedofarmers.org/js/index.js	1.7 kB	2023-03-10	2023-03-11
Pretty URL cedofarmers.org/js/index.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:45:37 Last Seen2023-03-11 09:13:46 Times Seen1 Hash f31a018c022219c7fbf37b9b8e4c8e95 d7e8dea836bbb792e0d622baac2445cdb367913b 537f7fe74a782851b64c60137ce17e0c4939e20f9166aeb070fe2af7b18deac0 Loading...

	platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js	3.8 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:34 Last Seen2023-03-11 23:50:53 Times Seen1 Hash 581beb14123ea389fe5c0fe24167fe0a bb410932d362287869c39750b855fe2cfb7e97bd 1383708cb9b24bd70181898d1ea04305ac1f226da97ccae75857882f418c50d0 Loading...

	static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz	85 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:13:48 Last Seen2023-03-11 09:13:46 Times Seen1 Hash 028ff3fb201519de5c697a30b2ea01f6 c5617fa94192b4ac7b8dc25aca2ce9ec57d23757 ea0c80567502e1f85aaf1ac044539a76def6ce059e12fe504f25baf56ccdfc59 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yR/r/fmmMhaNKIl_.js?_nc_x=Ij3Wp8lg5Kz	163 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yR/r/fmmMhaNKIl_.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:26:44 Last Seen2023-03-11 10:26:37 Times Seen1 Hash 53a4620059fff481c989e2323f03ce92 de53c39a2772811b181bcf43c8b51a8ff8a811d1 350bff481258bf844304130acf62114a8fded76c0f6de81a1e23a343cf3f4b45 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz	2.9 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:45:09 Last Seen2023-03-11 20:35:27 Times Seen1 Hash aa071aa0f86018bfa3012334519f5606 cd24cb1bdba12e72dcde2c4ca16ce0843b92d092 e8bba666fc7cef1cf595194ac929791183840c7158dfde05eecdb9e537eacb76 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yI/r/gczkeIw2IoN.js?_nc_x=Ij3Wp8lg5Kz	1.9 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yI/r/gczkeIw2IoN.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:45:37 Last Seen2023-03-11 11:23:51 Times Seen1 Hash 4cd535b071bae2bdd0cb8caf35b553ca 550f1b18f74029835cd9add88b8ffe7afd16e638 ac1268ec5bf51e037e72c6d466501d404d0c8661b8f418f058ab223edaa6312a Loading...

	cedofarmers.org/js/aos.js	14 kB	2023-03-07	2024-04-19
Pretty URL cedofarmers.org/js/aos.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:42 Last Seen2024-04-19 11:30:32 Times Seen1093 Hash cfef135dd95c93ece22421733f319db3 7ca38e8b8c6febc6f6d0d80ff9cdd14d6ab4dcd6 8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz	339 kB	2023-03-11	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:49:10 Last Seen2023-03-11 10:30:08 Times Seen1 Hash 0d79552f382f8ba8e365d6ddde109ac6 10b4439ddb2cb92c6f366592704a6f558210f8bd ac8c52f80b7a759436018888f1ce195667e60d3e5fd31c507cda3d375377f5a2 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	252 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-07 18:38:30 Times Seen2234 Hash dfc334cd5201ae3c020f43848b1646c4 b951863e53fd874757a2d5a21c8739a4d3640947 6e28b909a82bf42f6a2b51d7bbdc3ecafc47cd43cd52d1a3b584250c2ae579fe Loading...

	cedofarmers.org/js/jquery.easing.1.3.js	8.1 kB	2023-03-07	2024-04-15
Pretty URL cedofarmers.org/js/jquery.easing.1.3.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-15 23:53:50 Times Seen926 Hash 2cb90c06cfc2084e0e11ca2b8a10f6c9 45144c119832bb70b1d0e9708cba1e007ee9fbec 11c19392554c9b78c15771afa8f9fbfc78e0e46ca9527831f90ae41f95da73b8 Loading...

	cedofarmers.org/js/scrollax.min.js	7.4 kB	2023-03-07	2024-04-15
Pretty URL cedofarmers.org/js/scrollax.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:39 Last Seen2024-04-15 23:53:50 Times Seen289 Hash d21f954ca07a666641163d5c75e8c6e4 b5eb2a221c80c52ad2cfb3daaceedf71422466f7 500bfc62d016cf183c412c5936594c609064cbc5865c1065353af9ad09aa46a4 Loading...

	cedofarmers.org/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-04-25
Pretty URL cedofarmers.org/js/jquery.magnific-popup.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 01:32:29 Times Seen19512 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz	13 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:39:17 Last Seen2023-03-11 09:50:09 Times Seen1 Hash 23dc4549577706fd1dcfa75ca375869e 040f9c6cd48805ab93d061273289fbc7ac427218 41fe4c106f71de7b1c03731fb52d2ea632037c32c00f9c792c1827cd506c92c3 Loading...

	cedofarmers.org/js/owl.carousel.min.js	43 kB	2023-03-07	2024-04-15
Pretty URL cedofarmers.org/js/owl.carousel.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:39 Last Seen2024-04-15 23:53:50 Times Seen416 Hash 7c55a054d51f046526a6c94cf915b1f5 a088565329115bea60113dd1e00b76528e545f04 7ddc424649b256e50ebbde6522b13a627359b25c299b3ffa32a2896866e277c1 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	114 B	2023-03-07	2023-03-11
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:45:20 Last Seen2023-03-11 12:00:41 Times Seen1 Hash 1334aa8102ff9eb7538eaebc15d1c157 ea32e6d4af09f4bf67272f7707f0d897581194a9 d33028841d43b5e9bf21df4b394ece20f31ad24e430ba99b1fe81fa1a1420ffb Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yJ/r/FXh81Rcprpm.js?_nc_x=Ij3Wp8lg5Kz	24 kB	2023-03-11	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yJ/r/FXh81Rcprpm.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:40:26 Last Seen2023-03-11 09:50:10 Times Seen1 Hash 65e0c9f27d116a453cc6ec7ddd18ecc9 3a02c8a88a414aba019c02e1ef6c92bac6068255 58b9c8077af204059adbc8f6ded260c4fc7ff39bca5a7eb35eae3765b4cfab8b Loading...

	platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js	1.2 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:25:21 Last Seen2023-03-11 23:50:53 Times Seen1 Hash 12a5a08767706f15b6b316996cd057c1 29da0187284673feef37c7f5a01a52ac8b3c51f5 8056d05694350c1a3f041746d1551107d67d41af439157b1779ecdabbc8e7d35 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	17 kB	2023-03-11	2023-03-11
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:13:46 Last Seen2023-03-11 09:13:46 Times Seen1 Hash c923ac09455ec2ddd9d063b498df70f7 6f35701d70bf6629b6a6835a1c3e2d9aad1c2830 3310d2fcf8f5cd4e007945cb0a9b4f6ace7e09324558bdca5ff7dc54cbade2da Loading...

	static.xx.fbcdn.net/rsrc.php/v3iEBX4/yg/l/en_US/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz	24 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iEBX4/yg/l/en_US/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:45:09 Last Seen2023-03-11 20:31:58 Times Seen1 Hash aa1772c71516a6b845165dea34bdddaf 01e984791bcd71bfbf7f784336451cfb113a337d c64bcf0b42a27f3e7987b1b75beed48aa1e188a1fc8d0a08537cd4b91a4dc757 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 05:51:35 Times Seen37055626 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cedofarmers.org/js/jquery.animateNumber.min.js	1.4 kB	2023-03-07	2024-04-15
Pretty URL cedofarmers.org/js/jquery.animateNumber.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:39 Last Seen2024-04-15 23:53:50 Times Seen494 Hash c46a5138afcd0ac989037e5bc908bcac 12a8dd3a49fb07fb906739626d9157e73d1789c1 18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa Loading...

	platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js	38 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:34 Last Seen2023-03-11 23:50:53 Times Seen1 Hash 03a11df781dcaecf36e41e0b44708344 8549b071cc56d79412c46663af56f3341577085b 3b55b9f7ea1bff38c6af4f5146cb5661c23f85346f5d98524231847f21483ced Loading...

	cedofarmers.org/js/jquery.timepicker.min.js	16 kB	2023-03-07	2024-02-06
Pretty URL cedofarmers.org/js/jquery.timepicker.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:39 Last Seen2024-02-06 16:01:30 Times Seen104 Hash 4065e98d84bbd621155e992ee8bd8844 bd8a675d8e069a817cb568176670218b41b1ad4b c3f1b7ac2f7c1b613efd0a848b590b5250d92515f636ebb0817eec324cdc9bd4 Loading...

	platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js	90 B	2023-03-07	2023-03-17
Pretty URL platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:48:08 Times Seen1 Hash 8e33207e7b788da9abde5b6d33da0b00 23e48f1b412b3a0a406639f297fb6f4c4740efe8 80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a Loading...

	platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js	23 kB	2023-03-07	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-05-05 19:49:06 Times Seen668 Hash 942b5b928a24465d1906b4716131d896 1eadaf7d813991cc042e710ac8c74a7160830d72 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67 Loading...

	platform.twitter.com/widgets.js	99 kB	2023-03-08	2023-11-01
Pretty URL platform.twitter.com/widgets.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:38 Last Seen2023-11-01 12:31:04 Times Seen3 Hash 6633f9603c759c40d9b200995454f17c fc66d8b06e41ccb007fb52884aba2addfc931cbd c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12 Loading...

	platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js	76 B	2023-03-07	2024-04-24
Pretty URL platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-24 18:41:22 Times Seen3364 Hash abee47769bf307639ace4945f9cfd4ff c0a0dc51ee8a2852baf5ff30c33b1478ff302585 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz	15 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:39:17 Last Seen2023-03-11 09:50:10 Times Seen1 Hash ee926d8fa9a5fdd61b8031af1471fa2b 80c99e2f76d6a552d0420393342753f38f725544 15a4594f39269de6c199e97983676ed8454df2e6c1993bda495bab182b425fcc Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz	22 kB	2023-03-07	2023-03-17
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:36 Last Seen2023-03-17 11:42:01 Times Seen1 Hash 050895a5c873b840e5ca17b829ff3c3c d57daac71797c61ab83e1e604a252f2a957188a1 d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6 Loading...

	platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js	8.3 kB	2023-03-08	2023-03-13
Pretty URL platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:34 Last Seen2023-03-13 02:19:21 Times Seen1 Hash be517337a860b30e72096680d8dde0eb a5c7725313ccc971f02ef45fc69cfb5fd525be5e 6da7d8315fee3652e18b177b54485b45bb90222d001b4c6488fb4e19e498d591 Loading...

	platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js	293 kB	2023-03-07	2023-03-17
Pretty URL platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:46 Last Seen2023-03-17 12:36:47 Times Seen1 Hash 51acddf0dbfab928b183f36c1ee67619 4da2fb36a4bd09d150c3536babb5dcc75770aa30 cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070 Loading...

	cedofarmers.org/js/jquery-migrate-3.0.1.min.js	11 kB	2023-03-07	2024-04-19
Pretty URL cedofarmers.org/js/jquery-migrate-3.0.1.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-19 21:53:29 Times Seen6121 Hash 05689c22f0c872e5089f80a5745e31ce 381ef842b4e21e4783d412a90925ea11281c406d 1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz	39 kB	2023-03-11	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:10:55 Last Seen2023-03-11 22:02:12 Times Seen1 Hash 18793e9b6c478baff390c2c25df442c3 7840e8de1bfaef6c1ecc05563ca00f3f7901901d f28bb67943d02b75ca344e7d7403636d1174bbf9af444c11d4a0fd5cc0f8da0c Loading...

	platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js	13 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:25:21 Last Seen2023-03-11 23:50:53 Times Seen1 Hash 1efc61e416c7f4f293501e877fbec836 7365750549f8a40e958709b58e9f2cae7d5f1753 b2bb7d781fe71f7f9496ed8a4f377a6a88b635233ea17c10457218c9992db8b5 Loading...

	platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org	327 kB	2023-03-07	2023-05-03
Pretty URL platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-03 22:50:00 Times Seen3 Hash 26599e03fbd14de8182dfc6fb71ab446 00642f9520c1d630f6474a3f910a3444d8e8d589 2af340a08ce2caffa6df9a38412f1df460199ea76e4bc1fe3957cc3ce2962518 Loading...

	cedofarmers.org/js/jquery.waypoints.min.js	8.8 kB	2023-03-07	2024-04-21
Pretty URL cedofarmers.org/js/jquery.waypoints.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-21 11:44:13 Times Seen757 Hash 28ef3dc306be44a30ec0d0ffe2bee109 791cc9899f0f4dc57ace616780448da4763f05bc 114484b6bcaa6c2e7ac8301929d6bcda18a7f71924a835c2e6c01fdbd6421f5b Loading...

	cedofarmers.org/js/main.js	6.3 kB	2023-03-10	2023-03-25
Pretty URL cedofarmers.org/js/main.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:45:37 Last Seen2023-03-25 23:03:00 Times Seen2 Hash 6cfe966a63cf1308e6adb10612dc7650 53d8a305c4792f7750a6bbf54b0069f8b1b34238 629cbb3ab0def4051ea16e2b409b9cc9b8c2a9d384e0ce2896c68af2baac0c9a Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y5/r/sDdqCaJ5A6D.js?_nc_x=Ij3Wp8lg5Kz	63 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y5/r/sDdqCaJ5A6D.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:32:31 Last Seen2023-03-11 10:26:47 Times Seen1 Hash 705b6461a0cd9650178ee1b770f2fc45 68eec8bd5ce20cdebb6fae148061dad5ffea6208 a14f4c6905873afa342fbb06fd53049a539beb24490e3f9a0f32d3e9da8bec26 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y6/r/Y1Vj4wvi23s.js?_nc_x=Ij3Wp8lg5Kz	11 kB	2023-03-10	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y6/r/Y1Vj4wvi23s.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:39:17 Last Seen2023-03-11 11:23:51 Times Seen1 Hash 847be4d6dcdc1f2a6b3d36ec259f178e f46bbd50b6608b3fdec5a3b2db6cf409e73a8033 f94fbc7e1883fe6d805d2b4c875d4fc2c21e0873a0f09d99bb9ded4d1f0fe681 Loading...

	platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js	6.7 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:34 Last Seen2023-03-11 23:50:53 Times Seen1 Hash 24b6ad17fef6a1d54596d62f11e5a2c6 1b4c287c8944ec358296c47192c9c79e4e1d7c84 bb63f8f3077e1d4d470b89b2fc6e3acf7d9a99d622ecd639de5448d80e84f56d Loading...

	cedofarmers.org/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-24
Pretty URL cedofarmers.org/js/bootstrap.min.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-24 19:05:39 Times Seen6310 Hash ce6e785579ae4cb555c9de311d1b9271 5ef2c15b47d7290698c737676ba9c3056b45f2e8 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339 Loading...

	cedofarmers.org/js/bootstrap-datepicker.js	47 kB	2023-03-07	2024-02-14
Pretty URL cedofarmers.org/js/bootstrap-datepicker.js IP 192.185.57.117 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:39 Last Seen2024-02-14 12:37:09 Times Seen182 Hash 6f2305704b66eea2b6a7c5dd0a08293b 023eb42884db66ec3ae2a872faab9e3747d0f2c3 ae69f62cf7df7c2777acf907e06e7ad0406b727ebb7544949e1ecd7b1a82f6f6 Loading...

	www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541	30 B	2023-03-07	2024-04-10
Pretty URL www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-10 19:25:29 Times Seen81 Hash d1e154e25314b9fbe73dfbbf8d25da8a 2e9fc107aa7c5003d4e46c79aa5f94d079fd3a23 cc56f5136a80b2aa68095bf7da1ae3c753210eae44581620ca4c5a4e9293e016 Loading...

	platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js	1.3 kB	2023-03-07	2023-03-17
Pretty URL platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js IP 192.229.233.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:46 Last Seen2023-03-17 12:48:08 Times Seen1 Hash be3e428d416daa9027cecf70b5f26bf9 3e8a5de715f690340896e9dbcd5138eae0a3e2d8 0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (135)

URL IP Response Size

cedofarmers.org/tmiu/qakbot.zip

192.185.57.117

301 Moved Permanently

241 B

URL HTTP/1.1
cedofarmers.org/tmiu/qakbot.zip
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
241 B (241 bytes)
Hash
143e857dedbeba8a9afd5e4b6a4ec3c7
739291f581c628a095ae9dbb766b86c3f971ef7c
42f51bd1ae4ade0a86552ab214350f8a4f8c8de6645618d8d96cc41f47d37bbe

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /tmiu/qakbot.zip HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 08 Nov 2022 22:20:40 GMT
Server: Apache
Location: https://cedofarmers.org/index.php
Content-Length: 241
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2446
Expires: Tue, 08 Nov 2022 23:01:26 GMT
Date: Tue, 08 Nov 2022 22:20:40 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4425
Cache-Control: max-age=134656
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:40 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:44:56 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9200
Expires: Wed, 09 Nov 2022 00:54:00 GMT
Date: Tue, 08 Nov 2022 22:20:40 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8F3RjqYKDx7AAbK6zGNeLWpXa5lt+OqtZ3HdqrKniPrkcBrjB5gbPwJ5OL0NmFAdoEUbYkqyym8=
x-amz-request-id: 0SCNW9NZ080566R4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 22:11:28 GMT
age: 552
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 22:20:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17a694f272f175c24d486240fe3fbeb8
d9d41d9e1024dcd836c2b2fd95341736d539c606
7c99cf1bf90d0425556667f9a7c6dc7319d013a9d0f6c94baa8bc0deb49d22c7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C99CF1BF90D0425556667F9A7C6DC7319D013A9D0F6C94BAA8BC0DEB49D22C7"
Last-Modified: Tue, 08 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Wed, 09 Nov 2022 04:19:48 GMT
Date: Tue, 08 Nov 2022 22:20:40 GMT
Connection: keep-alive

cedofarmers.org/index.php

192.185.57.117

200 OK

6.1 kB

URL HTTP/2
cedofarmers.org/index.php
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (535), with CRLF, LF line terminators
Size
6.1 kB (6098 bytes)
Hash
029b32b1c044a1137c3278212e0ebc26
a87198ef26fc15df2cc5d3c40fb45f3199cd1d97
edcb2372b5af7ec52e60e688e373910580cf796aa693e440cfad177381268c1c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /index.php HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:40 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; expires=Wed, 09-Nov-2022 00:20:41 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D; expires=Wed, 09-Nov-2022 00:20:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
content-length: 6098
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6333
Cache-Control: max-age=131498
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:41 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:52:19 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:41 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 539585
expires: Sun, 29 Oct 2023 22:20:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aahRd60ghO8AmfZV0F6tGHMj0AdIT9Dfn%2FLLIKAdV7rcDzjh4GwQlRbYAA0xHi1kuerkMyuYQRa%2FYPj4rvdqpAmwKOjqHQYEPaF9qJ6FjezO%2BTy7kcR2Jisl0rq%2BkPB3%2F%2F10ePzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7671b2868fc11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/css/slide.css

192.185.57.117

200 OK

516 B

URL HTTP/2
cedofarmers.org/css/slide.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
516 B (516 bytes)
Hash
026248c5259afb78149df842131c47ab
0a8a946962d23bb631fe7d4d192f7b7539dbf3b7
92f5e24d85a907f8ad1ba478ba86c417c5fca3a06719481adacea0bce3431656

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/slide.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 19 Jun 2021 18:42:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 516
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/open-iconic-bootstrap.min.css

192.185.57.117

200 OK

2.0 kB

URL HTTP/2
cedofarmers.org/css/open-iconic-bootstrap.min.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (9467), with no line terminators
Size
2.0 kB (2034 bytes)
Hash
1a49150e9f9aec5c1fe7943c7368e096
065b59678676666e6509b064bcc576eb4bec6aa1
6e94ff0f08e65917674594e6e5b98d707a96a427003598c26f0ab537318abac7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/open-iconic-bootstrap.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2034
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/owl.carousel.min.css

192.185.57.117

200 OK

1.1 kB

URL HTTP/2
cedofarmers.org/css/owl.carousel.min.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (3350)
Size
1.1 kB (1098 bytes)
Hash
e95f3bc7f5a4daefb4a7c59bf8f346d6
393cd6eb55cb32c8932a8c6d1a6c2b249ae51629
9e27608f367fb404f42a20c441190981860399a8efbb54b30cdb56a8e7e191da

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/owl.carousel.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1098
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/animate.css

192.185.57.117

200 OK

7.3 kB

URL HTTP/2
cedofarmers.org/css/animate.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
7.3 kB (7310 bytes)
Hash
c7a2b713e689dcbcba933282930c18df
07d6bab3d164902128825ea44e6c408b1b9f1bcc
ba217008e30851184739f646cb37a0a9a8e8b0b5ccd9a426c4a8a6a7c5ea6105

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7310
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/owl.theme.default.min.css

192.185.57.117

200 OK

446 B

URL HTTP/2
cedofarmers.org/css/owl.theme.default.min.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
446 B (446 bytes)
Hash
829abaf1a058dee8d1c923200a574f17
8acb6c114c4650ffa90f120d35061545c09b64e0
380a836084c2489b0ba6266d630d9cd26b12a2f3151ce0d7ce11f7de5377d0f3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/owl.theme.default.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 446
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/aos.css

192.185.57.117

200 OK

2.2 kB

URL HTTP/2
cedofarmers.org/css/aos.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (25948)
Size
2.2 kB (2196 bytes)
Hash
42e52dc8ebb4e86a83acbe2e3a433a2d
c102f5a5756bd293cfbd890706560f924a8b2dad
3430e9404526e3626b63dbde1ee828089ef07bb73852df0eadff5f403d078762

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/aos.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2196
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.214.64.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.64.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C0YW7I0iOVs9XrNfPROL2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iaesKn33yaAzXRoq9g0fdeNRHQ4=

cedofarmers.org/css/ionicons.min.css

192.185.57.117

200 OK

8.9 kB

URL HTTP/2
cedofarmers.org/css/ionicons.min.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (46353)
Size
8.9 kB (8872 bytes)
Hash
30e1e5b3be98130dc13f66e3d5d4a4dd
16945c3b91fe3b7e84c83789c3a7158be4cf3f9c
e4979dc06bca7b944980d478d583e27d530931eb6e9f560822ad3049cfc70643

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/ionicons.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8872
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/bootstrap-datepicker.css

192.185.57.117

200 OK

3.6 kB

URL HTTP/2
cedofarmers.org/css/bootstrap-datepicker.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
3.6 kB (3576 bytes)
Hash
14373813f111ee36904a15a3b750b0c9
2b0edd4a5bd61060da384d04424f83e2dd644c56
90e8499185ca0fd4d32fb2088117f7b9ce4e399b7d876070c3669b0c64ac4404

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/bootstrap-datepicker.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3576
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/magnific-popup.css

192.185.57.117

200 OK

2.2 kB

URL HTTP/2
cedofarmers.org/css/magnific-popup.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
2.2 kB (2191 bytes)
Hash
757c165194bdd1de4ca4a38bfea220f7
c1d4a88790cd476995d9a5ff7db8de77cc39c5d0
772675dc2c0403949be38fc53d785d9124fad348324d0be6a75c174800afa8ea

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/magnific-popup.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2191
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/jquery.timepicker.css

192.185.57.117

200 OK

456 B

URL HTTP/2
cedofarmers.org/css/jquery.timepicker.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
456 B (456 bytes)
Hash
c310f69ed9a3cd6ce699c5df769a7e28
dec2efbf8cbf89cecfece91877b361f23356dd57
edd2492f889f995428231e2c07a819831840294fef6a9d59cea7e54c8932dff2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/jquery.timepicker.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 456
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/flaticon.css

192.185.57.117

200 OK

466 B

URL HTTP/2
cedofarmers.org/css/flaticon.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
466 B (466 bytes)
Hash
745c2e66a7681f81fecd0399f16054e0
d36db54699951ea73000ece2604a5c1f1ee4d932
5f9c839e836adefc596f4a675ab9b59f49f6d13c0670e11eb18bbf44841bb41d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/flaticon.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 466
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/css/icomoon.css

192.185.57.117

200 OK

14 kB

URL HTTP/2
cedofarmers.org/css/icomoon.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
14 kB (13989 bytes)
Hash
7a704ee33ed7777f856bd19a6d54c133
1706b2c62d08a8b48d71e6e46e9cc18e03d9f040
0089a5b5cd9f1d273312b6a6a73ab075e0a28a2d1b11681570ce39d5286837eb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/icomoon.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13989
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery-migrate-3.0.1.min.js

192.185.57.117

200 OK

3.9 kB

URL HTTP/2
cedofarmers.org/js/jquery-migrate-3.0.1.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
3.9 kB (3888 bytes)
Hash
5eb86a89a29cbbdf4c50ed77ecdbea34
e0f8e06212fb706648209755fab270b7ba804caa
072d17e2f98fa8124dda17d0e874f4e9225164193ac304fd29a489e35f57d051

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery-migrate-3.0.1.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3888
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/popper.min.js

192.185.57.117

200 OK

8.1 kB

URL HTTP/2
cedofarmers.org/js/popper.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (18860)
Size
8.1 kB (8080 bytes)
Hash
5996341f0746435a8fa35e664d9d66a4
29f2b76dad23c3dd64a8a86924bbb8e1b6dc8782
0bcca1c908b2eaf5de34371c31e7976e95f4b38e09764be3ce6330df72d6be3c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/popper.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8080
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery.animateNumber.min.js

192.185.57.117

200 OK

747 B

URL HTTP/2
cedofarmers.org/js/jquery.animateNumber.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (527)
Size
747 B (747 bytes)
Hash
40bca4537ed2129cb598f9ffbf29141c
68ad9269449269e54fd761b91d58a0e947ea21f7
6749cb11f6ec74583b49f9b5ff2f75929d78c22af7184a008796ba377dc7fb8b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery.animateNumber.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 747
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery.easing.1.3.js

192.185.57.117

200 OK

2.8 kB

URL HTTP/2
cedofarmers.org/js/jquery.easing.1.3.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
2.8 kB (2789 bytes)
Hash
d393d9f57ac1e235965f6a8115bc497f
28b5b3eb6dafc4bf8f3f27e209bdb62931470de2
02bf96fb3412a080cc6f155e8952e10d3f1d204a581e1aa08d4d3c095096a27e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery.easing.1.3.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2789
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery.waypoints.min.js

192.185.57.117

200 OK

3.2 kB

URL HTTP/2
cedofarmers.org/js/jquery.waypoints.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (8668)
Size
3.2 kB (3151 bytes)
Hash
fb0f2e418324ef4b2ccef62b8460160d
9e1a7fd820cb33d4cbf8620dfa28e284fdfc6a8e
d458a5bdf76d7529e89e204b4d6de5d4c36d25f78e4e5ad1db0b6aef4f53851b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery.waypoints.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3151
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/main.js

192.185.57.117

200 OK

2.3 kB

URL HTTP/2
cedofarmers.org/js/main.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
2.3 kB (2305 bytes)
Hash
b2f80211a529090e618b1f35f30f1d4d
0fb79a31eb9f7512452cfba90208632a5131c5e9
988394aa7d1206bc442db463165ef47cc253826aac2488861a8718b367cc2170

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 29 Jun 2019 03:45:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2305
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/img/cedo_logo.png

192.185.57.117

200 OK

16 kB

URL HTTP/2
cedofarmers.org/img/cedo_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 300 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15783 bytes)
Hash
b651660d68c75f78e3978f00936cb68c
a7f21fe219c254e2ae32bffdb8a6dada4d22818c
2ed1f32cd719b7a33baaa6e83983e9f3359f6a14004ad0b7b879f605f1567959

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/cedo_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 02 May 2019 04:07:06 GMT
accept-ranges: bytes
content-length: 15783
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/aos.js

192.185.57.117

200 OK

6.8 kB

URL HTTP/2
cedofarmers.org/js/aos.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (14212)
Size
6.8 kB (6766 bytes)
Hash
479cdf80b809326d4db924af9c776aed
19a6c5f3d7d22dabc779ca8211c9b77e46be2ba6
c297112630880d8480a1659d77b2a72afc346de97dab6826bda00903732b7da7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/aos.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6766
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/index.js

192.185.57.117

200 OK

467 B

URL HTTP/2
cedofarmers.org/js/index.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
467 B (467 bytes)
Hash
73fd203856751378aeb85a6f208f323e
40050647cc618d020743a5b763a5daca3c5d10e1
dbbf9922f8df175089acdbeae683e19d990ac333922a37bea45332170571f960

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/index.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 05 Jun 2019 08:05:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 467
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/scrollax.min.js

192.185.57.117

200 OK

3.5 kB

URL HTTP/2
cedofarmers.org/js/scrollax.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (567)
Size
3.5 kB (3479 bytes)
Hash
86a4f5314ead33144666591358283dbf
e96f5ee479f0acd04dc7f05e81bd1b17dd045a78
d214654b8c08d790c05d134b7d00ddee5616b96400c5ab79ef21bbc95312156a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/scrollax.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3479
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/main.js

192.185.57.117

404 Not Found

2.4 kB

URL HTTP/2
cedofarmers.org/main.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.4 kB (2401 bytes)
Hash
2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /main.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:41 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/google-map.js

192.185.57.117

404 Not Found

2.4 kB

URL HTTP/2
cedofarmers.org/js/google-map.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.4 kB (2401 bytes)
Hash
2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/google-map.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:41 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery.timepicker.min.js

192.185.57.117

200 OK

6.3 kB

URL HTTP/2
cedofarmers.org/js/jquery.timepicker.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15516)
Size
6.3 kB (6300 bytes)
Hash
08067ede5d206b26fccbb23d95361eb2
c64f0b991ed0460e73f4d84ef656960b3686f15e
3bf889f378d89317e9f7eeca4a4c9eab04c50a9c684e3bc6920bf5aa6db96d69

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery.timepicker.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6300
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery.stellar.min.js

192.185.57.117

200 OK

4.1 kB

URL HTTP/2
cedofarmers.org/js/jquery.stellar.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (12453)
Size
4.1 kB (4109 bytes)
Hash
3525f2201b4f09032255aa580b5ffb6f
00b2c0b860cdc0a4d466575d57b6f3d9b748decc
700f7e51cd1033335fd0dff2838e02e9cbf3fd206eb4635de5fd07ccaa92dfaa

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery.stellar.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4109
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery.magnific-popup.min.js

192.185.57.117

200 OK

9.2 kB

URL HTTP/2
cedofarmers.org/js/jquery.magnific-popup.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (20087)
Size
9.2 kB (9204 bytes)
Hash
7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9204
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/bootstrap-datepicker.js

192.185.57.117

200 OK

15 kB

URL HTTP/2
cedofarmers.org/js/bootstrap-datepicker.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
15 kB (15126 bytes)
Hash
2b79093933df55bc5c7ef67c538716d6
dcd4c757ffb7e12e2fdcb79bfb63a89904ddcdb0
63c105faabd1a5e17ae5f3c9d38d2496e244b2f9eb212089a0370bc737006494

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/bootstrap-datepicker.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15126
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/owl.carousel.min.js

192.185.57.117

200 OK

16 kB

URL HTTP/2
cedofarmers.org/js/owl.carousel.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32035)
Size
16 kB (15509 bytes)
Hash
ba718faf7d0b70331002a08b21cb59a9
e95351f57800bcccb528cba3f019b0ed71b7dd95
d4c7012b6c81af915538208c9ebab6a2d99ef16b57d411b74e3191b5ba8db169

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/owl.carousel.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15509
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/bootstrap.min.js

192.185.57.117

200 OK

21 kB

URL HTTP/2
cedofarmers.org/js/bootstrap.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
21 kB (21241 bytes)
Hash
4efc523f309b7df5fa5f0e1e5df40994
40c1184027ec7be4dd43e920d63cae60010b0d5a
4ad134447508147ad2ff3a9d4b1d38bf266869a730214c9541ae9b6cf1544acd

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226138-LWR_logo.png

192.185.57.117

200 OK

6.5 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226138-LWR_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 202 x 105, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6465 bytes)
Hash
8e5beb848c845557339a3655c5739797
9f3e281eb8228e6b9e7e394ecf9c41d59de7f5fa
e22a121b4142e6b94b58f79e8e470c1b0a68f96e0df9ead4800c5f9c44cb4e9b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226138-LWR_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:18 GMT
accept-ranges: bytes
content-length: 6465
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226064-farmradio_logo.png

192.185.57.117

200 OK

8.5 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226064-farmradio_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 260 x 83, 8-bit/color RGBA, non-interlaced\012- data
Size
8.5 kB (8523 bytes)
Hash
acbc305b30b93c9cad8a0319bc83beb2
82ac01754fd55c3b2a8536c731705c3bb5370d01
0067638d649205450369e299ebe376323fe320748a60783a0696a59102ed5fc2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226064-farmradio_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:04 GMT
accept-ranges: bytes
content-length: 8523
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226130-KARLO_logo.jpg

192.185.57.117

200 OK

8.0 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226130-KARLO_logo.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 150x107, components 3\012- data
Size
8.0 kB (7970 bytes)
Hash
a70178ed43b38e68755a5d8151784977
82efa0ffc4c68bd719647ae2280f558fcaf8d3fc
49c0797da907ea1e62d3f25df9546275a097ebf1618f63b22b9b9e9e5571ce7c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226130-KARLO_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:10 GMT
accept-ranges: bytes
content-length: 7970
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541

31.13.72.36

200 OK

15 kB

URL HTTP/2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18899)
Size
15 kB (15060 bytes)
Hash
d3355591ff3ede374656e805ba7fabc0
6ea4aba76e32d110e5f3049c569401107c5b4836
ad7ffc3152fc71fab6b555cb6ffdd07294e0e8ca6c1a23ea1bdc7a2c07ead29c

HTTP Headers

GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: OldIRVQHIK2IuVgYtaNHwfiiWf/UG9ivaMsi0N+mq2pBb1PFhnqgWds3C/4ab7cPvCtCU7iH0BV5JikcRyD4tw==
date: Tue, 08 Nov 2022 22:20:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226049-concern_logo.png

192.185.57.117

200 OK

13 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226049-concern_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12627 bytes)
Hash
554c7995c6fc7c2b5296488df5890258
5ddfb85c9140fb6154fd367517faab935e24ab57
754877b85cfc8583e983f4b4012570e6e7900e25ac72aaeb72b5393c73838b10

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226049-concern_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:48 GMT
accept-ranges: bytes
content-length: 12627
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226020-AgVerify_logo.png

192.185.57.117

200 OK

13 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226020-AgVerify_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 102 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13108 bytes)
Hash
3a77e0e97be8d382c49a0bea0e7b96ee
97e6ae8f29a688171daf8fb0ae76227a94748486
2f5bce4713af81495b4af3268b84565aa32675d402d7520ba3366cf0dbdfb1a3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226020-AgVerify_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:20 GMT
accept-ranges: bytes
content-length: 13108
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226123-ISSDUganda_logo.gif

192.185.57.117

200 OK

14 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226123-ISSDUganda_logo.gif
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 280 x 108\012- data
Size
14 kB (13761 bytes)
Hash
a91ea5feb010fc00dc507da48df2bb08
d8bb71422001c5e5b297384972836747804cabeb
85dda7d730462d957e02f093456c1490a0337de25ba19a2a06a24a82623f347d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226123-ISSDUganda_logo.gif HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:02 GMT
accept-ranges: bytes
content-length: 13761
content-type: image/gif
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226212-peacecorps_logo.png

192.185.57.117

200 OK

13 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226212-peacecorps_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- Minix filesystem, V1 (big endian), 1140 zones\012- data
Size
13 kB (12921 bytes)
Hash
36201ea364ca857180650ef26d4c261d
be94a53efc6cfaed7440e11c3e805d31952a7194
7a17429bfe71b4562c9bceae1f22f3f54567da2528778683c428ebb65a215e07

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226212-peacecorps_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:32 GMT
accept-ranges: bytes
content-length: 12921
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226026-azuri_logo.png

192.185.57.117

200 OK

15 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226026-azuri_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 140 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (15194 bytes)
Hash
66294f8bd37606f90bffc393fc904580
dc5157ff63ed21fcf0436418ee9f951b23b374c9
bd91ec976f613f95b085817dccd53abb9069a01e1acf27d36c36f50f534c9792

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226026-azuri_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:26 GMT
accept-ranges: bytes
content-length: 15194
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226163-muk_logo.jpg

192.185.57.117

200 OK

16 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226163-muk_logo.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 244x207, components 3\012- data
Size
16 kB (16210 bytes)
Hash
61b27a12a411b114288abec230530cea
fe28d81a4e39588110377c1daae4c1d3e1907334
d8709f607a3ba10f8cce62e8aed817b01560029503f8fc04654087039d4403f6

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226163-muk_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:42 GMT
accept-ranges: bytes
content-length: 16210
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226015-AgResults_logo.png

192.185.57.117

200 OK

17 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226015-AgResults_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 239 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17025 bytes)
Hash
b940f566411a53bf2bcc5236296f4541
c433b0bd09151992a7fd93c4dd89231a73749558
40fcdd32c8646567df6634909a9ff559a7ef474f12f19c06bd2bb8578cecd66a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226015-AgResults_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:14 GMT
accept-ranges: bytes
content-length: 17025
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226145-mamedicot_logo.jpg

192.185.57.117

200 OK

17 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226145-mamedicot_logo.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 319x170, components 3\012- data
Size
17 kB (16992 bytes)
Hash
f17dffa45410e3b7055e9b5c42db9887
c25736b1ff2d855ae9b667333c1265fd3ec7fb82
427e42a5cc5181d1b1ac27bec35c139578d4b3989cc4570a1c7aa147d6a34f8d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226145-mamedicot_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:24 GMT
accept-ranges: bytes
content-length: 16992
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604667006-SDC.png

192.185.57.117

200 OK

18 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604667006-SDC.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 389 x 129, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17630 bytes)
Hash
5feaa2561972e1f1936d27afa46f8073
9a131c67f0cbdcdab6b68111d488f4ed470d19f5
4d4ac6c810b35e9bc899bbca7ea1945f34c1587b8d05de854afa1c96743fd0e0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604667006-SDC.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:50:06 GMT
accept-ranges: bytes
content-length: 17630
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226182-nutreal_logo.png

192.185.57.117

200 OK

18 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226182-nutreal_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 314 x 133, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17488 bytes)
Hash
1d0e4e690cd2fb73a223791f6927df16
806f6fdca255063da5403e63f947f44cf5918fa0
cabeb13a9695700c0597e6b33b223fce17a698ba5409637fb76489234d8f4f2e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226182-nutreal_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:02 GMT
accept-ranges: bytes
content-length: 17488
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226099-idrc_logo.png

192.185.57.117

200 OK

19 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226099-idrc_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 600 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18864 bytes)
Hash
b84e72d2691312625aec39da7e26b1c8
512d979aaafcb147e8da1ff27a202c83ce904690
f3630581290816968d46650aa3a4e6b87dd96cac7eb5ccf9ca513a7461c8f19f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226099-idrc_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:38 GMT
accept-ranges: bytes
content-length: 18864
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604667043-GAC.jpg

192.185.57.117

200 OK

18 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604667043-GAC.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 782x84, components 3\012- data
Size
18 kB (18426 bytes)
Hash
68860c558193b9c06ad87590544260c8
9301bb291f1b44834fa4e2b80b3ced0828fac9cc
d12bb2d859f25717a11a9f2bbed1f9659713ec98177e9743515a9ad759ba32ba

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604667043-GAC.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:50:44 GMT
accept-ranges: bytes
content-length: 18426
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

5.0 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4431)
Size
5.0 kB (5031 bytes)
Hash
68b687b4bd9b8bc82a675dcc86c76b59
4e9194a9831c6c1b400ebe65e6be09661f0997cd
f7acf02cb9f1350a252391e55a8e577ea291aa212f3577aa15c8f0d963a12e5f

HTTP Headers

GET /rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 18:03:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: aLaHtL2bi8gqZ13MhsdrWQ==
x-fb-debug: U2NYlGCDC8vM6+H94gXuaKpd2vCIvO+cBEZrmO/ZCY/220x4aySHC0Vjdw8uuAPICOmRg5+Qwt5jx++CX+JF9Q==
priority: u=2
content-length: 5031
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

4.5 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (2186)
Size
4.5 kB (4455 bytes)
Hash
33ae46fb5ca5586b8eb684c440bdfde3
cc75ec00d4e015261cbc526606a7478ad72a9e43
c475fadc8a824492c8eeba78780349b668c4111794dcbe1a18fcd19bbee38de4

HTTP Headers

GET /rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 06:15:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: M65G+1ylWGuOtoTEQL394w==
x-fb-debug: VQd+jiE/YM9O7IEUhklCp4iUczum/ERYFsBbEam6pexOxiTBzn2vBUxMsU53Ri0PbzNXpdK+OVkgLH6mDgWdqw==
content-length: 4455
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

338 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (327)
Size
338 B (338 bytes)
Hash
76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d

HTTP Headers

GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 19:15:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: vLp3dEeNhcWIuGGRPqFKvYa8/RiVMkyB/9NwkoeTDgEUdyaVtI7MghihesG4cqzA6RhJQmLNpI5ZEXFXA10BRw==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

4.6 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (10494)
Size
4.6 kB (4647 bytes)
Hash
2eb625206434356a5678c51841c11964
4ecd1c720cc21d03d6c5d68a3cfbe7636cccf23d
feab180e6aa77381b51329ed9391e05765ab1a7831691215010cce091f635781

HTTP Headers

GET /rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 06:52:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LrYlIGQ0NWpWeMUYQcEZZA==
x-fb-debug: 7iGu7w468misanBoQha65sd9JUn7Fdp1ArgzwyEA/WmqsxntGFQ0+OsG24rQ7mU8zZ6R4kxfDbeNvU3kL2Ov+w==
priority: u=3,i
content-length: 4647
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

8.2 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (9885)
Size
8.2 kB (8222 bytes)
Hash
0eaa197a5c011011e1489f411b042249
9ba134dd641bbbc6ce70619ccd94f5d5ef47a899
145cfec975ec864e6589409173f8f9fee2a59faf0ce28c42889897e812ab9ac4

HTTP Headers

GET /rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 05:50:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DqoZelwBEBHhSJ9BGwQiSQ==
x-fb-debug: yMzCe1sdU6mg7klvggXuZjDYvUcaDAkJnsXnHCkzBQ/uvXgKylMoqhhpMHmyOsGd3IWLNB0nsY5GHPnHulUPqg==
content-length: 8222
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

7.1 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (2905)
Size
7.1 kB (7089 bytes)
Hash
950c261533c6a05f36c3ec2562963ecb
65cbaffa72eb8dafe5b43aec833435170c02b15d
4c9b051d6cba504010fc8ebdba2ca7da807224e44ad7e9798bb25b90069a3e11

HTTP Headers

GET /rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:30:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lQwmFTPGoF82w+wlYpY+yw==
x-fb-debug: P3JsMJ/9sMIFIo2VQUKoMne1CwmEilUE+Zfo5097yjTjyJTLSoOUizTarRB96PEFk+mUfaDACax69E6NVl0l6w==
priority: u=3,i
content-length: 7089
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

23 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (41977)
Size
23 kB (23273 bytes)
Hash
e5ac274375457b828912871811b4be94
3bbd528facf279eab4dc093a7fad9dbc837689eb
602f6ee48130b3bcb4e21f4307bd1c83d110182e1fb4cb8f118171d10c6f5ae4

HTTP Headers

GET /rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 16:03:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5awnQ3VFe4KJEocYEbS+lA==
x-fb-debug: 4H7GOAumLJQE282v5rDuSHVRtBkCdstrQufEHymEpVhsV7z4jH4Xmqgn2nCrNS5LWg3guZG3NXBYmTIJUNUwzQ==
priority: u=3,i
content-length: 23273
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

7.2 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4061)
Size
7.2 kB (7236 bytes)
Hash
d1ba68f146b01f4aef60d79aadb926ea
c6b4703c25d07fd2363e5d67d11e4846d9979b26
abbff04acf96f39a3121ed97505b5a23cbeee9057dd7040c58c4e423c899805d

HTTP Headers

GET /rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 19:15:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0bpo8UawH0rvYNearbkm6g==
x-fb-debug: 3JdQxyKLncFe1MouguIcs/yRhoAHmODDSMKAf7+37YE39XQlZOEzkpfV72QBviKdm8jhmFayla948PrKMqJNHQ==
content-length: 7236
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226177-NARO_logo.png

192.185.57.117

200 OK

22 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226177-NARO_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 110 x 115, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22156 bytes)
Hash
d88ead51d157daeb14f1fa4bef294888
3257637eccca18810f172d4b659d288c4b2565d6
b17ae365c55ef7ded5aa0a72cc42a8ce2c3330cae2d68f14b7af8e1f40ad4ba5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226177-NARO_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:56 GMT
accept-ranges: bytes
content-length: 22156
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

827 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (724)
Size
827 B (827 bytes)
Hash
29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8

HTTP Headers

GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:06:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: U8RJgKUtHGLUiQk9HHpA+IRcULT5qX+DuwPkFrA1TVl4/mz6+76fzZ9YDejeZlR7UxuiL1amRZ0p3hU19KekzQ==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226170-naccri_logo.gif

192.185.57.117

200 OK

23 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226170-naccri_logo.gif
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 363 x 215\012- data
Size
23 kB (22584 bytes)
Hash
b1518cc05cd30d01c564d7b805477fcd
37befe6a7ee22438729b40c59e1b60883e70a493
6512e90f7eb83d3cb1cfcb5feaf0daf69d224a70ca18e1a1ea528223f1fd9797

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226170-naccri_logo.gif HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:50 GMT
accept-ranges: bytes
content-length: 22584
content-type: image/gif
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

12 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (5542)
Size
12 kB (12369 bytes)
Hash
0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8

HTTP Headers

GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 14:58:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: D5GS3x6wx04rycniYZY/0Xz+ksXYSSm92jqaYBfwJdNE2gVWZsHNSKS1Na1e4Jf9SQ8Wn6qjKZVunFivJgncuw==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226009-aciar_logo.png

192.185.57.117

200 OK

24 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226009-aciar_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 300 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24150 bytes)
Hash
77445a24baf789dc455d546e9a648f27
4110ca088be4f164d509a845083e32006bdf8bf1
e87872696cbc1b239bcd07500d471f14decdb8b5b06f1f405c83fcac4a86f1dd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226009-aciar_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:08 GMT
accept-ranges: bytes
content-length: 24150
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1984)
Size
1.7 kB (1657 bytes)
Hash
16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200

HTTP Headers

GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 05:04:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: 00IrCbBbnm9vzmEGDumL0sh3nuf2iWdTpefIOOCSnTUUmtz+z/FyUfmUD4SQEeD9WcEh83B1Vahq8P4hknaGTg==
content-length: 1657
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226042-CIAT_logo.png

192.185.57.117

200 OK

26 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226042-CIAT_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 546 x 262, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (26151 bytes)
Hash
fa6fbaa6375ea882f3ed89b9873c54ef
6be564842ac991e86873875fbdbc5fe38d6d4f62
295dfb343ff16792b8e1c59a47ccbf77fde7a4481dcd2b78ca13a3a033a1ce3f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226042-CIAT_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:42 GMT
accept-ranges: bytes
content-length: 26151
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

16 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (8749)
Size
16 kB (16259 bytes)
Hash
c2b0fc32b893b1c243b3a27bcc5799cd
a9a85686e79bf7bba56cf1a7883b89447096eb54
f84f8dc2511cfbed3abe4ae7dd9c8e02c02260e0824eddaf69f2d54f3994a726

HTTP Headers

GET /rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 05 Nov 2023 03:23:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: wrD8MriTscJDs6J7zFeZzQ==
x-fb-debug: ZeaG4nczRFV9qJrZM59ZmYklxtldDRvk75b6fH34gkz1gMCEFsaTtetQwAT3aF82JRPYbxFDD5vVyCK2+3MHGg==
priority: u=3,i
content-length: 16259
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226242-unihoffen_logo.png

192.185.57.117

200 OK

32 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226242-unihoffen_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1200 x 630, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31987 bytes)
Hash
274488a5926f3abd2d033b657a1ca661
cb36c76e5a984a14ea5098fbb46b15e390560cd0
c28e456d7421c182180b7e0b04d8813609cf9abaf30e44c5dd4cfb790420aa94

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226242-unihoffen_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:24:02 GMT
accept-ranges: bytes
content-length: 31987
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

91 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18630)
Size
91 kB (91137 bytes)
Hash
2735f6f13ab0e68d5d21650e8d76d90d
fac3c804bd2c335c0c6aa615a0f6bd9197d5ed87
1744afaa9fc41238e9cfa2073844a8c1ed9c80093e5f1555fc93acfbec268b5d

HTTP Headers

GET /rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 01:32:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: JzX28Tqw5o1dIWUOjXbZDQ==
x-fb-debug: bC5+aa5Je0InC3pf1rVrCdTR4TP6lFHLdvrsN0ce1Cc3jv3cHGvzYTQToVx8+qOeVfHGmJ0JfNlleTuHo1Q+uQ==
content-length: 91137
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226057-crs_logo.jpg

192.185.57.117

200 OK

48 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226057-crs_logo.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 617x403, components 3\012- data
Size
48 kB (47794 bytes)
Hash
00497e3754e0461e122b841ff253af40
fe1c146a43e5498a83f3d3117e5ff56be27ce29c
b2b28b1a937ef62a9b7bae09257b7833f589f45b163ea3cfe6128e110c3dbe81

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226057-crs_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:56 GMT
accept-ranges: bytes
content-length: 47794
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226154-mastercardlabs_logo.png

192.185.57.117

200 OK

54 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226154-mastercardlabs_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 640 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size
54 kB (54162 bytes)
Hash
22d28b31b56b34ed09c57cc0f5e05a3c
fb50da88db4b7c460a6b935ad1aef6e33701230a
9dc8b3fa8f1cf2b1fc9799c2fa996e646db1fb81760a0bd023fa250ade4e0943

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226154-mastercardlabs_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:34 GMT
accept-ranges: bytes
content-length: 54162
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226204-pabra_logo.jpg

192.185.57.117

200 OK

78 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226204-pabra_logo.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 773x452, components 3\012- data
Size
78 kB (77922 bytes)
Hash
c766d10face8900cde72ee0e9bd9aa69
9f05c6f3fad7a28d5ebf92572e59ce54a58d7fad
99cbb2054889f4bef94863f0060f9ef9bce8af13486fac7122143dfcfffbb055

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226204-pabra_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:24 GMT
accept-ranges: bytes
content-length: 77922
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226034-bmz_logo.png

192.185.57.117

200 OK

79 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226034-bmz_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 481 x 347, 8-bit/color RGBA, non-interlaced\012- data
Size
79 kB (78907 bytes)
Hash
0c81df3683571159de721680f05c8da9
49da33674e6db8b872ecd0d298369bce1035bedc
126b903c6ae4dc921808baa17129b8da90c7dd365b431523bbc3b4d9d81fbb4c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226034-bmz_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:34 GMT
accept-ranges: bytes
content-length: 78907
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226219-RHSP_logo.jpg

192.185.57.117

200 OK

72 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226219-RHSP_logo.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064\012- data
Size
72 kB (72112 bytes)
Hash
4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226219-RHSP_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:38 GMT
accept-ranges: bytes
content-length: 9556
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226071-ford-foundation_logo.jpg

192.185.57.117

200 OK

102 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226071-ford-foundation_logo.jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 1920x484, components 3\012- data
Size
102 kB (101564 bytes)
Hash
13a75153ca015117d661e470a1416894
b985631fc048fb90c4e693b05b627e01d97b716a
5e5c0074da04ac82c1516265c5dad2c2e880fd60d0caa6938394877afd632ca5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226071-ford-foundation_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:10 GMT
accept-ranges: bytes
content-length: 101564
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226079-harvestplus.png

192.185.57.117

200 OK

107 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226079-harvestplus.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 593 x 519, 8-bit/color RGBA, non-interlaced\012- data
Size
107 kB (106875 bytes)
Hash
a9ad0e607c4e32a45915f53bd05754bf
7879d95a905ba82922f6a68f016a9a918cf2c40a
640750935f7ee4cc8afe436bbe1f86b28ea13435fcce59dc4061b04bcb394442

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226079-harvestplus.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:18 GMT
accept-ranges: bytes
content-length: 106875
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png

192.185.57.117

200 OK

117 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1999 x 1113, 8-bit/color RGBA, non-interlaced\012- data
Size
117 kB (116714 bytes)
Hash
0ac3d05c98924409a2e4b4a84984a808
eab6bbd62e8db544b715da2b8dba536bbaa165ce
b48528ca84652ac77d70371f5243cd75f2255890a56880b9f4df0e10150be5dc

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:47:54 GMT
accept-ranges: bytes
content-length: 116714
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

602 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
602 B (602 bytes)
Hash
6f1c35518a7e607830c0b0da05eb8143
e98b9cc7afb57557c29ffcdc1eb787d8cff90dbb
c8e36b52a34fcf04c0f8e1f522f55240f057f81d0862424a0d939d2c393eb748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11723 bytes)
Hash
251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hcOJnYBsbAtMobcAC_q19cCoOChDcKs-oIspAtNKskbYnoSHz2NmEg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
age: 2231
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 57161
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7108 bytes)
Hash
da90dc6a5f2fc0c07e1e3d7ac0f1a67c
131acddbc0fefa19de876f5254d21370691b4653
60a17b9d4f66a571b54b17bcdd5ae19942bd8540569663611a3a64c07734417c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: bf8302ba-8138-4b4a-8821-fe1c1d1864fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMYDHEoFoAMFqVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636806e0-7b5856224000122233ad81ea;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 19:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4BaZ-LMJyYy_6UTMKjwjUulT4nAc0pxyJvmTmsy-M_WGXw9doIO0Vg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:03:36 GMT
age: 1026
etag: "131acddbc0fefa19de876f5254d21370691b4653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9313 bytes)
Hash
29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 2231
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7620 bytes)
Hash
b52a8b78f7273b02455e93107edb9633
7a09033d8e92af7e492e5ec41d6d90c473b848f6
b239606b1c37e680536a899808e845ccf270b1eadec03476e0cbfdf9911c149b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7620
x-amzn-requestid: 4938029b-6e40-4549-8404-63ca28e79961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTU_WEQgIAMFU2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acec8-2bda1b015e94c4127df2b052;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:48:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-7W40j1csZhuoQvk_awKDRBjxJukydzyRVHvJNBSBx-AqYJQrUYGg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:26 GMT
age: 1096
etag: "7a09033d8e92af7e492e5ec41d6d90c473b848f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9741 bytes)
Hash
10699bfbe3966b42cce253bfd3c09d0d
dd74707d8871dd800aa29bda2edc6105bd00adf6
26b571dbe9c885db2a2a6ae4e4a432b843a2815fb34ec976db7a3e6148a4dc8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 19706043-9952-4148-bf73-815d2b80f88a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKom8FixIAMFjzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675492-26d889196e698552262b0ef6;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 06:30:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 30pGKplOuXFYhdd8rDJhmKimfi5RdviDma-8hJ6Bf6zrwO8KgVhODw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:03:53 GMT
age: 1009
etag: "dd74707d8871dd800aa29bda2edc6105bd00adf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cedofarmers.org/js/google-map.js

192.185.57.117

404 Not Found

2.4 kB

URL HTTP/2
cedofarmers.org/js/google-map.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.4 kB (2401 bytes)
Hash
2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/google-map.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:42 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E

157.240.194.27

200 OK

2.2 kB

URL HTTP/2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E
IP
157.240.194.27:0
ASN
#32934 FACEBOOK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
2.2 kB (2152 bytes)
Hash
2dc2b52940d4885637e6e4097f6cfb94
f9f70a65aab76ad9ff18216f6c05563f63775a88
5c5b484596b6266c93c3540e573c174561a16c6cc61985ed3750ffeb2c82d185

HTTP Headers

GET /v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 28 Sep 2022 02:14:43 GMT
x-haystack-needlechecksum: 2226211856
x-needle-checksum: 185997496
content-type: image/jpeg
content-digest: adler32=2948273709
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 2152
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226105-iowauni_logo.png

192.185.57.117

200 OK

350 kB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226105-iowauni_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size
350 kB (349764 bytes)
Hash
4490e0ee79edc5a8109a3a95d306940b
191d8c923a15ecec846936650999bc790256faf5
05cdfc5684753f7f0cbc94b3c475335b3bfb2bef02bd25fb772916e3b5593ac7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226105-iowauni_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:46 GMT
accept-ranges: bytes
content-length: 349764
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/ckuploads/files/background1(1).jpg

192.185.57.117

200 OK

410 kB

URL HTTP/2
cedofarmers.org/ckuploads/files/background1(1).jpg
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 80", baseline, precision 8, 1600x900, components 3\012- data
Size
410 kB (410126 bytes)
Hash
98b4dff5eeaf048b4b535f9d5b7c30f2
453a68269b7a783484c03d0496df847b58e619e7
dfa95a7073b8216fa92434b28ddd47bee5bf6ef0f6810964e467e43dc806c464

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ckuploads/files/background1(1).jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 06:39:12 GMT
accept-ranges: bytes
content-length: 410126
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

platform.twitter.com/widgets.js

192.229.233.25

200 OK

29 kB

URL HTTP/1.1
platform.twitter.com/widgets.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (33915)
Size
29 kB (29221 bytes)
Hash
7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30

HTTP Headers

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1460
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:43 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221

platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org

192.229.233.25

200 OK

105 kB

URL HTTP/1.1
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size
105 kB (105445 bytes)
Hash
2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160

HTTP Headers

GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518390
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:43 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
ec8b93692d2bc1822021c436019d515d
aa4b30802f6167f004bcae84b5ab86a2f92c5e40
21a41caa4636c24c1048a93cc0ea80a8ad41f9686f6a08f9a6e41e797e3e3b8c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5203
Cache-Control: max-age=115945
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:44 GMT
Etag: "6369e3d2-139"
Expires: Thu, 10 Nov 2022 06:33:09 GMT
Last-Modified: Tue, 08 Nov 2022 05:06:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313

syndication.twitter.com/settings?session_id=44a52223fb01c79465fa12ad00be41b01af606a1

104.244.42.200

200 OK

375 B

URL HTTP/2
syndication.twitter.com/settings?session_id=44a52223fb01c79465fa12ad00be41b01af606a1
IP
104.244.42.200:0
ASN
#13414 TWITTER

File type
JSON data\012- , ASCII text, with very long lines (914), with no line terminators
Size
375 B (375 bytes)
Hash
22ba4030aabb3e3f64bbbcb1148617f0
2fc6418de8aeb4439351672d396dc8823b3e9357
db89caae1654117a1d9191db8633b6da5cde5deebf238bbd1800616cfc8f4254

HTTP Headers

GET /settings?session_id=44a52223fb01c79465fa12ad00be41b01af606a1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:43 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 22:20:44 GMT
content-length: 375
content-encoding: gzip
x-transaction-id: 6475a9cd5b9b7073
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 110
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2

platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js

192.229.233.25

200 OK

3.0 kB

URL HTTP/1.1
platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (8274), with no line terminators
Size
3.0 kB (2977 bytes)
Hash
9dcf6c8cba8fe3e8cb99b94ee63af2d5
ec132eb470954fdf2ff629d8344942b47ce4a5d1
2783e866faf68e4f6bc1775136ac1fa7b05d4adc7522f350763eb09a0e91b80d

HTTP Headers

GET /js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518391
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:44 GMT
Etag: "be517337a860b30e72096680d8dde0eb+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2977

syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946041212%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1

104.244.42.200

200 OK

43 B

URL HTTP/2
syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946041212%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1
IP
104.244.42.200:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946041212%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:44 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 22:20:44 GMT
content-length: 43
x-transaction-id: 78dab29a5b7ad2e0
strict-transport-security: max-age=631138519
x-response-time: 119
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2

cedofarmers.org/images/favicon/usikate.ico

192.185.57.117

404 Not Found

2.4 kB

URL HTTP/2
cedofarmers.org/images/favicon/usikate.ico
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.4 kB (2401 bytes)
Hash
2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /images/favicon/usikate.ico HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:43 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

syndication.twitter.com/srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940

104.244.42.200

200 OK

5.6 kB

URL HTTP/2
syndication.twitter.com/srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
IP
104.244.42.200:0
ASN
#13414 TWITTER

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26488), with no line terminators
Size
5.6 kB (5648 bytes)
Hash
d9a7fb951f68b0f431dba0a8fc4a1831
5d4aede5ea929f3e86d8b8362e5f033cfd332a05
7dd267ee2776d0ec601c322acd811113a8da64d7fdacaa5c43bf365015d3788c

HTTP Headers

GET /srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:45 GMT
etag: "6782-c+BzzEt7AmBoq6YxcVa+JF41opY"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: e3e33d46c77dd4f6
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 5648
x-response-time: 456
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2

platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js

192.229.233.25

200 OK

2.1 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (3835), with no line terminators
Size
2.1 kB (2097 bytes)
Hash
a7a94df486e306b619ab921142d234e2
1386bcf32860c146b6b7d912b92a540662cc7361
f4de548de8d166e7872adeefa8e8345f952b9001b40ca56622cd40033a34bf22

HTTP Headers

GET /_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441118
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "581beb14123ea389fe5c0fe24167fe0a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2097

cedofarmers.org/fonts/ionicons/fonts/ionicons.woff?v=4.0.0-19

192.185.57.117

404 Not Found

102 kB

URL HTTP/2
cedofarmers.org/fonts/ionicons/fonts/ionicons.woff?v=4.0.0-19
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
102 kB (102328 bytes)
Hash
46a3f89f7cdbb73d367f0aaaab237686
549840b65c61265031adee0623127924cb507460
c0b62806138408c5e9901875e4ad4168d90de256d800da59db12ac775cffd7f4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /fonts/ionicons/fonts/ionicons.woff?v=4.0.0-19 HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cedofarmers.org/css/ionicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:44 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js

192.229.233.25

200 OK

90 B

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
8e33207e7b788da9abde5b6d33da0b00
23e48f1b412b3a0a406639f297fb6f4c4740efe8
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a

HTTP Headers

GET /_next/static/chunks/main-e9db78f5e7b3d83edd5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518392
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "8e33207e7b788da9abde5b6d33da0b00"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90

platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js

192.229.233.25

200 OK

668 B

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1338), with no line terminators
Size
668 B (668 bytes)
Hash
79fd032d8d5d9fa6b966e0a2b0e5a3e1
092828885b8721858c80381d92622760aa6b2188
d08463c097b4b77e9db4acb6fdf01a44f3b80db66cd368c76185a363c9bf0863

HTTP Headers

GET /_next/static/chunks/pages/_app-446fb4a338b215deec8c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518392
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668

platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js

192.229.233.25

200 OK

1.3 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (13043), with no line terminators
Size
1.3 kB (1285 bytes)
Hash
9a40466b77e5f5f4a525cf508afee546
410eb7a6ee4ee31950b33844fd21efcc8850e3e0
aae2810ee062cd3d5a1d770d2f1b287c84d5ae6276c90914ab21c9cce6686538

HTTP Headers

GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518391
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "1efc61e416c7f4f293501e877fbec836+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F714)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1285

platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js

192.229.233.25

200 OK

414 B

URL HTTP/1.1
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1208), with no line terminators
Size
414 B (414 bytes)
Hash
19e50b016c2418a8b7178a219a9fe03d
68c691a19558f28e9111b35f0c0f182addd31e3f
ff39afa732cf28797d8c7d8170b9e4dcc5ab8bcbd688b44be3dc0d82a5b3bbe4

HTTP Headers

GET /_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441118
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "12a5a08767706f15b6b316996cd057c1+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 414

platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js

192.229.233.25

200 OK

76 B

URL HTTP/1.1
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

HTTP Headers

GET /_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76

platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js

192.229.233.25

200 OK

12 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (38097), with no line terminators
Size
12 kB (12015 bytes)
Hash
6f1f49e728d9b878cfa056a239c32cb1
43e501c9bcafe56b859f414521ae48e8d81ce658
39392ba895d16fed8dda86e09ab0ae9f443895fda3036f50384308e59b5e98bc

HTTP Headers

GET /_next/static/chunks/13.65c62863b5d1aec3d279.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "03a11df781dcaecf36e41e0b44708344+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12015

platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js

192.229.233.25

200 OK

7.7 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (23122), with no line terminators
Size
7.7 kB (7674 bytes)
Hash
47db702890e40ec11a744a885b6724b9
8ad88841d05dc05ce69ee8d430728214dd82e981
c8f11861cf29a4bc87a1f04f8add61885cc2627e6fd35a0ad12c48acddbaecb6

HTTP Headers

GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518392
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674

platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js

192.229.233.25

200 OK

1.3 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (2558), with no line terminators
Size
1.3 kB (1276 bytes)
Hash
385597e7610afe03d76680534f29c35d
12280b5eef389f1e5a45b2b6ff7b21d1ca0b2f8f
ba66755ab4b673c2c028ddc2540308742f6287ae47243b6424df833c4ccd1be3

HTTP Headers

GET /_next/static/chunks/4.87a72bcd1cc186518122.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441116
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "ff2a4a029f711ed6f7dcb3f1f834609a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276

platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js

192.229.233.25

200 OK

299 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
299 kB (299281 bytes)
Hash
37911f421b8b06c74a625ce6d756bf02
e46b6ad082f67fdbbe9a580c5101389142f67ccb
4a8884b498676dbc1d2eb772bc28b6fab7abef976c997b46667c53b41e47c633

HTTP Headers

GET /_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "5a0c374fae04eeb3b101385087754b18+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 299281

platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js

192.229.233.25

200 OK

2.6 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (6721), with no line terminators
Size
2.6 kB (2624 bytes)
Hash
49f5b55936cdab12275a31750ba532c6
e7319555785aae707edd8fe90066a8c047cf0e8d
e1e93c439ee51eb31aa6adcc7cc267331b66b6d5d16c3ce0463b167e947edbcd

HTTP Headers

GET /_next/static/chunks/0.ad6e60829dfc07776f5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "f8a649284ac45133fc2c0b92defbd7b3+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 187307

platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js

192.229.233.25

200 OK

42 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
IP
192.229.233.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41941 bytes)
Hash
7d62fb224e618094ce4d3e0e5052d16e
867b72ca2f006158db3c520eb3a2532d63746b92
f5d821fa38dc57edfe84c505b14245d8d03a8553c55383ea3aabb688c1a1d21a

HTTP Headers

GET /_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518393
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:46 GMT
Etag: "72929dff5e574c1b877555fd36c7683a+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941

abs.twimg.com/sticky/animations/like.4.json

152.199.21.141

200 OK

1.9 kB

URL HTTP/2
abs.twimg.com/sticky/animations/like.4.json
IP
152.199.21.141:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (24291)
Size
1.9 kB (1897 bytes)
Hash
c5203df5bd1440c2fdf4b44f0eb3116a
6b928e79e59b281eb5b9f5c2ad608f81078b5869
0b638ce107a37db0734fcd82af97d1dd575c246d737949c5414aa1dc549540e3

HTTP Headers

GET /sticky/animations/like.4.json HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndication.twitter.com/
Origin: https://syndication.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 1661367
content-type: application/json
date: Tue, 08 Nov 2022 22:20:46 GMT
etag: "YKYmOkwIx9KztN7bQT7x8g=="
expires: Wed, 08 Nov 2023 22:20:46 GMT
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
perf: 7626143928
server: ECAcc (ska/F695)
strict-transport-security: max-age=631138519
surrogate-key: twitter-assets
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
vary: Accept-Encoding
x-cache: HIT
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
x-content-type-options: nosniff
x-response-time: 10
x-ton-expected-size: 24292
x-transaction-id: 80afab27525733bc
content-length: 1897
X-Firefox-Spdy: h2

syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946043164%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcedofarmers.org%2Findex.php%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3ACEDO_Ug%22%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1

104.244.42.200

200 OK

43 B

URL HTTP/2
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946043164%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcedofarmers.org%2Findex.php%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3ACEDO_Ug%22%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1
IP
104.244.42.200:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946043164%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcedofarmers.org%2Findex.php%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3ACEDO_Ug%22%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:46 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 22:20:46 GMT
content-length: 43
x-transaction-id: ae9b821ad07a55a0
strict-transport-security: max-age=631138519
x-response-time: 108
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2

cedofarmers.org/uploads/sliders/1604145998-OSProots.png

192.185.57.117

200 OK

1.3 MB

URL HTTP/2
cedofarmers.org/uploads/sliders/1604145998-OSProots.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 MB (1320099 bytes)
Hash
1081f5f35b1e307676729746f45041a6
9d1aeec335360caf2122c0b7c466a42a720b9d6b
e3f73b69c696ebff8d4427270851d702def72afa5d308e08137a227b00bba086

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/sliders/1604145998-OSProots.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:06:38 GMT
accept-ranges: bytes
content-length: 1320099
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/partners/1604226229-unigeorg_logo.png

192.185.57.117

200 OK

1.4 MB

URL HTTP/2
cedofarmers.org/uploads/partners/1604226229-unigeorg_logo.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 8309 x 1569, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 MB (1387462 bytes)
Hash
01187bb8a6418a114c91d623982c6c7d
9e78a01bb4c04f308a10d76a394f8312633399c7
572e7533f0458f13afa966be453343262e9b2a9075926f9ba332f966cc41d009

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/partners/1604226229-unigeorg_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:50 GMT
accept-ranges: bytes
content-length: 1387462
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1565337007949111298/J3XBI68t_normal.jpg

151.101.84.159

200 OK

1.8 kB

URL HTTP/2
pbs.twimg.com/profile_images/1565337007949111298/J3XBI68t_normal.jpg
IP
151.101.84.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
1.8 kB (1807 bytes)
Hash
ba251a21f21f0928d156d55dbc679b2c
db146ae08d57f8cf9e808fc85c5bb4309078aeaa
a0b0942af23e8083d6630784e64339ec68b0bb2de890d5bc68165ed46492957c

HTTP Headers

GET /profile_images/1565337007949111298/J3XBI68t_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 01 Sep 2022 13:51:19 GMT
x-transaction-id: 5315594f0989e9d6
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7343-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1807
X-Firefox-Spdy: h2

cedofarmers.org/uploads/sliders/1604146647-cedomarketing.png

192.185.57.117

200 OK

1.5 MB

URL HTTP/2
cedofarmers.org/uploads/sliders/1604146647-cedomarketing.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 MB (1464925 bytes)
Hash
4d9deb6f6f7bd10382e63e50fe268144
e05262ff47ad84b82f0ee8e2a07927dfaddbe5a4
19ad01029437355fefa18bdd8db45ad96bcf5daae7a772aaab5907fa55bd3365

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/sliders/1604146647-cedomarketing.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:17:26 GMT
accept-ranges: bytes
content-length: 1464925
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/uploads/sliders/1604145960-dreamsbgslider.png

192.185.57.117

200 OK

1.5 MB

URL HTTP/2
cedofarmers.org/uploads/sliders/1604145960-dreamsbgslider.png
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 MB (1469608 bytes)
Hash
8251b8294782a8dba967804b3f313751
0c706d25ee53f93153b507061ec85be3542278d8
c43a6755f50ee2188afaa24c10ee9b124f34a50093da26eb621da1b8adb40f83

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/sliders/1604145960-dreamsbgslider.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:06:00 GMT
accept-ranges: bytes
content-length: 1469608
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

pbs.twimg.com/card_img/1589695478404239360/p4gzWY-5?format=jpg&name=240x240

151.101.84.159

200 OK

7.0 kB

URL HTTP/2
pbs.twimg.com/card_img/1589695478404239360/p4gzWY-5?format=jpg&name=240x240
IP
151.101.84.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x135, components 3\012- data
Size
7.0 kB (7022 bytes)
Hash
64b25f2b64968577b1295c360015feca
e2835221c07e1240fe93d8fb4c1f2b30c04e6864
50b981ddacd0ec071c556edcd910d5848ef70a07fb8d0660a6a0e9b6f9154212

HTTP Headers

GET /card_img/1589695478404239360/p4gzWY-5?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 07 Nov 2022 19:03:11 GMT
x-transaction-id: d889575012b294a1
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7344-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 7022
X-Firefox-Spdy: h2

cedofarmers.org/fonts/ionicons/fonts/ionicons.ttf?v=4.0.0-19

192.185.57.117

404 Not Found

2.4 kB

URL HTTP/2
cedofarmers.org/fonts/ionicons/fonts/ionicons.ttf?v=4.0.0-19
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
2.4 kB (2401 bytes)
Hash
2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /fonts/ionicons/fonts/ionicons.ttf?v=4.0.0-19 HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/css/ionicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:45 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=120x120

151.101.84.159

200 OK

8.0 kB

URL HTTP/2
pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=120x120
IP
151.101.84.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x80, components 3\012- data
Size
8.0 kB (8002 bytes)
Hash
a250933363c5c93bff3ef7da3a51b330
b312d2b1cc9011274bbba39788211979dda381af
6512d9ba534b789fe5951ca8a85a75bba10a3a0fa6cb24cd7d51b04091ccbdac

HTTP Headers

GET /media/E6zCuJYXMAEhuNy?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 21 Jul 2021 05:42:18 GMT
x-transaction-id: ef19c29d689271cb
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr6629-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 8002
X-Firefox-Spdy: h2

pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=small

151.101.84.159

200 OK

132 kB

URL HTTP/2
pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=small
IP
151.101.84.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 680x451, components 3\012- data
Size
132 kB (132336 bytes)
Hash
07871238f9f15ed20f184ce7289738a9
d588b1a60e51f3e2f4a3cb3b5677c228be929869
ec6dab6aa685bae8a5284f747e84b7e508a88916b0e004c208dc15cc697a11a1

HTTP Headers

GET /media/E6zCuJYXMAEhuNy?format=jpg&name=small HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 21 Jul 2021 05:42:18 GMT
x-transaction-id: 8944d861ebb2c5cc
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: MISS, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7364-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 132336
X-Firefox-Spdy: h2

cedofarmers.org/css/style.css

192.185.57.117

200 OK

0 B

URL HTTP/2
cedofarmers.org/css/style.css
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 19 Jun 2021 15:50:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

cedofarmers.org/js/jquery.min.js

192.185.57.117

200 OK

0 B

URL HTTP/2
cedofarmers.org/js/jquery.min.js
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cedofarmers.org
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:42 GMT
content-type: font/woff2
content-length: 74348
x-amz-id-2: k2k/Odc7ufgx7xt4NReAoaKGKq7Qm8880w9gQgHdxORnqAyGehwqO3g/qnF5DRWtQDWhmOPvJiA=
x-amz-request-id: 1ERGBTQCZRTXNKQD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzFsBa2uc4WrGjzbzT5OepEx7Pv8OJHqb99MPeNfmusip%2BCsdROu1h5ZYKntBm1rXRrzeXc9Z6cpuFblQWzHCVbWNB6IaAQfhY2zU0%2F4SdfAOlYrmirW%2Fy89WRwvxElSLrRp5pMC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7671b289abdc7714-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cedofarmers.org/fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19

192.185.57.117

404 Not Found

0 B

URL HTTP/2
cedofarmers.org/fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19
IP
192.185.57.117:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19 HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cedofarmers.org/css/ionicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:43 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.2/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.7.2/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cedofarmers.org
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:41 GMT
content-type: text/css
x-amz-id-2: EBfxMhcvIvfMGdzOT8IFp0KyPTNJERfmxBSA0veLoFqKapdLK0NxteDZAa43YSTYSmQtV7vKnlM=
x-amz-request-id: 1ERVS3RYHG83AS8G
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aL7hlw%2BpIRO%2B8p1ZPUy0S%2Fe75oKi3hI19uVYmPhdPMg2YDz8do5jRvXWYBrg8lBoyrui1ncs%2F4G1%2FraL7zBPAP2ccMgvsiUUKQyCM30iumRS4KvLINjTwtI9R2wZcddiiuxEAJHO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7671b286be347714-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations