cedofarmers.org/tmiu/qakbot.zip
192.185.57.117301 Moved Permanently 241 B URL HTTP/1.1 cedofarmers.org/tmiu/qakbot.zip
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 143e857dedbeba8a9afd5e4b6a4ec3c7
739291f581c628a095ae9dbb766b86c3f971ef7c
42f51bd1ae4ade0a86552ab214350f8a4f8c8de6645618d8d96cc41f47d37bbe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tmiu/qakbot.zip HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 08 Nov 2022 22:20:40 GMT
Server: Apache
Location: https://cedofarmers.org/index.php
Content-Length: 241
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2446
Expires: Tue, 08 Nov 2022 23:01:26 GMT
Date: Tue, 08 Nov 2022 22:20:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4425
Cache-Control: max-age=134656
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:40 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:44:56 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9200
Expires: Wed, 09 Nov 2022 00:54:00 GMT
Date: Tue, 08 Nov 2022 22:20:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8F3RjqYKDx7AAbK6zGNeLWpXa5lt+OqtZ3HdqrKniPrkcBrjB5gbPwJ5OL0NmFAdoEUbYkqyym8=
x-amz-request-id: 0SCNW9NZ080566R4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 22:11:28 GMT
age: 552
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 22:20:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17a694f272f175c24d486240fe3fbeb8
d9d41d9e1024dcd836c2b2fd95341736d539c606
7c99cf1bf90d0425556667f9a7c6dc7319d013a9d0f6c94baa8bc0deb49d22c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C99CF1BF90D0425556667F9A7C6DC7319D013A9D0F6C94BAA8BC0DEB49D22C7"
Last-Modified: Tue, 08 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Wed, 09 Nov 2022 04:19:48 GMT
Date: Tue, 08 Nov 2022 22:20:40 GMT
Connection: keep-alive
cedofarmers.org/index.php
192.185.57.117200 OK 6.1 kB URL HTTP/2 cedofarmers.org/index.php
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (535), with CRLF, LF line terminators
Hash 029b32b1c044a1137c3278212e0ebc26
a87198ef26fc15df2cc5d3c40fb45f3199cd1d97
edcb2372b5af7ec52e60e688e373910580cf796aa693e440cfad177381268c1c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /index.php HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:40 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; expires=Wed, 09-Nov-2022 00:20:41 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D; expires=Wed, 09-Nov-2022 00:20:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
content-length: 6098
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6333
Cache-Control: max-age=131498
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:41 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:52:19 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:41 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 539585
expires: Sun, 29 Oct 2023 22:20:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aahRd60ghO8AmfZV0F6tGHMj0AdIT9Dfn%2FLLIKAdV7rcDzjh4GwQlRbYAA0xHi1kuerkMyuYQRa%2FYPj4rvdqpAmwKOjqHQYEPaF9qJ6FjezO%2BTy7kcR2Jisl0rq%2BkPB3%2F%2F10ePzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7671b2868fc11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/css/slide.css
192.185.57.117200 OK 516 B URL HTTP/2 cedofarmers.org/css/slide.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 026248c5259afb78149df842131c47ab
0a8a946962d23bb631fe7d4d192f7b7539dbf3b7
92f5e24d85a907f8ad1ba478ba86c417c5fca3a06719481adacea0bce3431656
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/slide.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 19 Jun 2021 18:42:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 516
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/open-iconic-bootstrap.min.css
192.185.57.117200 OK 2.0 kB URL HTTP/2 cedofarmers.org/css/open-iconic-bootstrap.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9467), with no line terminators
Hash 1a49150e9f9aec5c1fe7943c7368e096
065b59678676666e6509b064bcc576eb4bec6aa1
6e94ff0f08e65917674594e6e5b98d707a96a427003598c26f0ab537318abac7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/open-iconic-bootstrap.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2034
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/owl.carousel.min.css
192.185.57.117200 OK 1.1 kB URL HTTP/2 cedofarmers.org/css/owl.carousel.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3350)
Hash e95f3bc7f5a4daefb4a7c59bf8f346d6
393cd6eb55cb32c8932a8c6d1a6c2b249ae51629
9e27608f367fb404f42a20c441190981860399a8efbb54b30cdb56a8e7e191da
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/owl.carousel.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1098
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/animate.css
192.185.57.117200 OK 7.3 kB URL HTTP/2 cedofarmers.org/css/animate.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c7a2b713e689dcbcba933282930c18df
07d6bab3d164902128825ea44e6c408b1b9f1bcc
ba217008e30851184739f646cb37a0a9a8e8b0b5ccd9a426c4a8a6a7c5ea6105
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/animate.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7310
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/owl.theme.default.min.css
192.185.57.117200 OK 446 B URL HTTP/2 cedofarmers.org/css/owl.theme.default.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 829abaf1a058dee8d1c923200a574f17
8acb6c114c4650ffa90f120d35061545c09b64e0
380a836084c2489b0ba6266d630d9cd26b12a2f3151ce0d7ce11f7de5377d0f3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/owl.theme.default.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 446
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/aos.css
192.185.57.117200 OK 2.2 kB URL HTTP/2 cedofarmers.org/css/aos.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25948)
Hash 42e52dc8ebb4e86a83acbe2e3a433a2d
c102f5a5756bd293cfbd890706560f924a8b2dad
3430e9404526e3626b63dbde1ee828089ef07bb73852df0eadff5f403d078762
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/aos.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2196
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.214.64.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.64.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C0YW7I0iOVs9XrNfPROL2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iaesKn33yaAzXRoq9g0fdeNRHQ4=
cedofarmers.org/css/ionicons.min.css
192.185.57.117200 OK 8.9 kB URL HTTP/2 cedofarmers.org/css/ionicons.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (46353)
Hash 30e1e5b3be98130dc13f66e3d5d4a4dd
16945c3b91fe3b7e84c83789c3a7158be4cf3f9c
e4979dc06bca7b944980d478d583e27d530931eb6e9f560822ad3049cfc70643
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/ionicons.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8872
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/bootstrap-datepicker.css
192.185.57.117200 OK 3.6 kB URL HTTP/2 cedofarmers.org/css/bootstrap-datepicker.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 14373813f111ee36904a15a3b750b0c9
2b0edd4a5bd61060da384d04424f83e2dd644c56
90e8499185ca0fd4d32fb2088117f7b9ce4e399b7d876070c3669b0c64ac4404
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/bootstrap-datepicker.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3576
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/magnific-popup.css
192.185.57.117200 OK 2.2 kB URL HTTP/2 cedofarmers.org/css/magnific-popup.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 757c165194bdd1de4ca4a38bfea220f7
c1d4a88790cd476995d9a5ff7db8de77cc39c5d0
772675dc2c0403949be38fc53d785d9124fad348324d0be6a75c174800afa8ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/magnific-popup.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2191
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/jquery.timepicker.css
192.185.57.117200 OK 456 B URL HTTP/2 cedofarmers.org/css/jquery.timepicker.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c310f69ed9a3cd6ce699c5df769a7e28
dec2efbf8cbf89cecfece91877b361f23356dd57
edd2492f889f995428231e2c07a819831840294fef6a9d59cea7e54c8932dff2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/jquery.timepicker.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 456
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/flaticon.css
192.185.57.117200 OK 466 B URL HTTP/2 cedofarmers.org/css/flaticon.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 745c2e66a7681f81fecd0399f16054e0
d36db54699951ea73000ece2604a5c1f1ee4d932
5f9c839e836adefc596f4a675ab9b59f49f6d13c0670e11eb18bbf44841bb41d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/flaticon.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 466
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/icomoon.css
192.185.57.117200 OK 14 kB URL HTTP/2 cedofarmers.org/css/icomoon.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7a704ee33ed7777f856bd19a6d54c133
1706b2c62d08a8b48d71e6e46e9cc18e03d9f040
0089a5b5cd9f1d273312b6a6a73ab075e0a28a2d1b11681570ce39d5286837eb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/icomoon.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13989
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery-migrate-3.0.1.min.js
192.185.57.117200 OK 3.9 kB URL HTTP/2 cedofarmers.org/js/jquery-migrate-3.0.1.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5eb86a89a29cbbdf4c50ed77ecdbea34
e0f8e06212fb706648209755fab270b7ba804caa
072d17e2f98fa8124dda17d0e874f4e9225164193ac304fd29a489e35f57d051
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery-migrate-3.0.1.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3888
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/popper.min.js
192.185.57.117200 OK 8.1 kB URL HTTP/2 cedofarmers.org/js/popper.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18860)
Hash 5996341f0746435a8fa35e664d9d66a4
29f2b76dad23c3dd64a8a86924bbb8e1b6dc8782
0bcca1c908b2eaf5de34371c31e7976e95f4b38e09764be3ce6330df72d6be3c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/popper.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8080
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.animateNumber.min.js
192.185.57.117200 OK 747 B URL HTTP/2 cedofarmers.org/js/jquery.animateNumber.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (527)
Hash 40bca4537ed2129cb598f9ffbf29141c
68ad9269449269e54fd761b91d58a0e947ea21f7
6749cb11f6ec74583b49f9b5ff2f75929d78c22af7184a008796ba377dc7fb8b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.animateNumber.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 747
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.easing.1.3.js
192.185.57.117200 OK 2.8 kB URL HTTP/2 cedofarmers.org/js/jquery.easing.1.3.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d393d9f57ac1e235965f6a8115bc497f
28b5b3eb6dafc4bf8f3f27e209bdb62931470de2
02bf96fb3412a080cc6f155e8952e10d3f1d204a581e1aa08d4d3c095096a27e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.easing.1.3.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2789
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.waypoints.min.js
192.185.57.117200 OK 3.2 kB URL HTTP/2 cedofarmers.org/js/jquery.waypoints.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash fb0f2e418324ef4b2ccef62b8460160d
9e1a7fd820cb33d4cbf8620dfa28e284fdfc6a8e
d458a5bdf76d7529e89e204b4d6de5d4c36d25f78e4e5ad1db0b6aef4f53851b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.waypoints.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3151
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/main.js
192.185.57.117200 OK 2.3 kB URL HTTP/2 cedofarmers.org/js/main.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b2f80211a529090e618b1f35f30f1d4d
0fb79a31eb9f7512452cfba90208632a5131c5e9
988394aa7d1206bc442db463165ef47cc253826aac2488861a8718b367cc2170
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/main.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 29 Jun 2019 03:45:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2305
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/img/cedo_logo.png
192.185.57.117200 OK 16 kB URL HTTP/2 cedofarmers.org/img/cedo_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash b651660d68c75f78e3978f00936cb68c
a7f21fe219c254e2ae32bffdb8a6dada4d22818c
2ed1f32cd719b7a33baaa6e83983e9f3359f6a14004ad0b7b879f605f1567959
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/cedo_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 May 2019 04:07:06 GMT
accept-ranges: bytes
content-length: 15783
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/aos.js
192.185.57.117200 OK 6.8 kB URL HTTP/2 cedofarmers.org/js/aos.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14212)
Hash 479cdf80b809326d4db924af9c776aed
19a6c5f3d7d22dabc779ca8211c9b77e46be2ba6
c297112630880d8480a1659d77b2a72afc346de97dab6826bda00903732b7da7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/aos.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6766
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/index.js
192.185.57.117200 OK 467 B URL HTTP/2 cedofarmers.org/js/index.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 73fd203856751378aeb85a6f208f323e
40050647cc618d020743a5b763a5daca3c5d10e1
dbbf9922f8df175089acdbeae683e19d990ac333922a37bea45332170571f960
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/index.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Jun 2019 08:05:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 467
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/scrollax.min.js
192.185.57.117200 OK 3.5 kB URL HTTP/2 cedofarmers.org/js/scrollax.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (567)
Hash 86a4f5314ead33144666591358283dbf
e96f5ee479f0acd04dc7f05e81bd1b17dd045a78
d214654b8c08d790c05d134b7d00ddee5616b96400c5ab79ef21bbc95312156a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/scrollax.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3479
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/main.js
192.185.57.117404 Not Found 2.4 kB IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /main.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:41 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/google-map.js
192.185.57.117404 Not Found 2.4 kB URL HTTP/2 cedofarmers.org/js/google-map.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/google-map.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:41 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.timepicker.min.js
192.185.57.117200 OK 6.3 kB URL HTTP/2 cedofarmers.org/js/jquery.timepicker.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15516)
Hash 08067ede5d206b26fccbb23d95361eb2
c64f0b991ed0460e73f4d84ef656960b3686f15e
3bf889f378d89317e9f7eeca4a4c9eab04c50a9c684e3bc6920bf5aa6db96d69
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.timepicker.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6300
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.stellar.min.js
192.185.57.117200 OK 4.1 kB URL HTTP/2 cedofarmers.org/js/jquery.stellar.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12453)
Hash 3525f2201b4f09032255aa580b5ffb6f
00b2c0b860cdc0a4d466575d57b6f3d9b748decc
700f7e51cd1033335fd0dff2838e02e9cbf3fd206eb4635de5fd07ccaa92dfaa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.stellar.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4109
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.magnific-popup.min.js
192.185.57.117200 OK 9.2 kB URL HTTP/2 cedofarmers.org/js/jquery.magnific-popup.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20087)
Hash 7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9204
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/bootstrap-datepicker.js
192.185.57.117200 OK 15 kB URL HTTP/2 cedofarmers.org/js/bootstrap-datepicker.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2b79093933df55bc5c7ef67c538716d6
dcd4c757ffb7e12e2fdcb79bfb63a89904ddcdb0
63c105faabd1a5e17ae5f3c9d38d2496e244b2f9eb212089a0370bc737006494
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/bootstrap-datepicker.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15126
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/owl.carousel.min.js
192.185.57.117200 OK 16 kB URL HTTP/2 cedofarmers.org/js/owl.carousel.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32035)
Hash ba718faf7d0b70331002a08b21cb59a9
e95351f57800bcccb528cba3f019b0ed71b7dd95
d4c7012b6c81af915538208c9ebab6a2d99ef16b57d411b74e3191b5ba8db169
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/owl.carousel.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15509
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/bootstrap.min.js
192.185.57.117200 OK 21 kB URL HTTP/2 cedofarmers.org/js/bootstrap.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4efc523f309b7df5fa5f0e1e5df40994
40c1184027ec7be4dd43e920d63cae60010b0d5a
4ad134447508147ad2ff3a9d4b1d38bf266869a730214c9541ae9b6cf1544acd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/bootstrap.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226138-LWR_logo.png
192.185.57.117 200 OK 6.5 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226138-LWR_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 202 x 105, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e5beb848c845557339a3655c5739797
9f3e281eb8228e6b9e7e394ecf9c41d59de7f5fa
e22a121b4142e6b94b58f79e8e470c1b0a68f96e0df9ead4800c5f9c44cb4e9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226138-LWR_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:18 GMT
accept-ranges: bytes
content-length: 6465
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226064-farmradio_logo.png
192.185.57.117 200 OK 8.5 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226064-farmradio_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 260 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash acbc305b30b93c9cad8a0319bc83beb2
82ac01754fd55c3b2a8536c731705c3bb5370d01
0067638d649205450369e299ebe376323fe320748a60783a0696a59102ed5fc2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226064-farmradio_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:04 GMT
accept-ranges: bytes
content-length: 8523
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226130-KARLO_logo.jpg
192.185.57.117 200 OK 8.0 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226130-KARLO_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 150x107, components 3\012- data
Hash a70178ed43b38e68755a5d8151784977
82efa0ffc4c68bd719647ae2280f558fcaf8d3fc
49c0797da907ea1e62d3f25df9546275a097ebf1618f63b22b9b9e9e5571ce7c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226130-KARLO_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:10 GMT
accept-ranges: bytes
content-length: 7970
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541
31.13.72.36 200 OK 15 kB URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18899)
Hash d3355591ff3ede374656e805ba7fabc0
6ea4aba76e32d110e5f3049c569401107c5b4836
ad7ffc3152fc71fab6b555cb6ffdd07294e0e8ca6c1a23ea1bdc7a2c07ead29c
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: OldIRVQHIK2IuVgYtaNHwfiiWf/UG9ivaMsi0N+mq2pBb1PFhnqgWds3C/4ab7cPvCtCU7iH0BV5JikcRyD4tw==
date: Tue, 08 Nov 2022 22:20:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226049-concern_logo.png
192.185.57.117 200 OK 13 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226049-concern_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 554c7995c6fc7c2b5296488df5890258
5ddfb85c9140fb6154fd367517faab935e24ab57
754877b85cfc8583e983f4b4012570e6e7900e25ac72aaeb72b5393c73838b10
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226049-concern_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:48 GMT
accept-ranges: bytes
content-length: 12627
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226020-AgVerify_logo.png
192.185.57.117 200 OK 13 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226020-AgVerify_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 102 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a77e0e97be8d382c49a0bea0e7b96ee
97e6ae8f29a688171daf8fb0ae76227a94748486
2f5bce4713af81495b4af3268b84565aa32675d402d7520ba3366cf0dbdfb1a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226020-AgVerify_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:20 GMT
accept-ranges: bytes
content-length: 13108
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226123-ISSDUganda_logo.gif
192.185.57.117 200 OK 14 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226123-ISSDUganda_logo.gif
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 280 x 108\012- data
Hash a91ea5feb010fc00dc507da48df2bb08
d8bb71422001c5e5b297384972836747804cabeb
85dda7d730462d957e02f093456c1490a0337de25ba19a2a06a24a82623f347d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226123-ISSDUganda_logo.gif HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:02 GMT
accept-ranges: bytes
content-length: 13761
content-type: image/gif
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226212-peacecorps_logo.png
192.185.57.117 200 OK 13 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226212-peacecorps_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- Minix filesystem, V1 (big endian), 1140 zones\012- data
Hash 36201ea364ca857180650ef26d4c261d
be94a53efc6cfaed7440e11c3e805d31952a7194
7a17429bfe71b4562c9bceae1f22f3f54567da2528778683c428ebb65a215e07
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226212-peacecorps_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:32 GMT
accept-ranges: bytes
content-length: 12921
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226026-azuri_logo.png
192.185.57.117 200 OK 15 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226026-azuri_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 140 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash 66294f8bd37606f90bffc393fc904580
dc5157ff63ed21fcf0436418ee9f951b23b374c9
bd91ec976f613f95b085817dccd53abb9069a01e1acf27d36c36f50f534c9792
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226026-azuri_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:26 GMT
accept-ranges: bytes
content-length: 15194
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226163-muk_logo.jpg
192.185.57.117 200 OK 16 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226163-muk_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 244x207, components 3\012- data
Hash 61b27a12a411b114288abec230530cea
fe28d81a4e39588110377c1daae4c1d3e1907334
d8709f607a3ba10f8cce62e8aed817b01560029503f8fc04654087039d4403f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226163-muk_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:42 GMT
accept-ranges: bytes
content-length: 16210
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226015-AgResults_logo.png
192.185.57.117 200 OK 17 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226015-AgResults_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 239 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash b940f566411a53bf2bcc5236296f4541
c433b0bd09151992a7fd93c4dd89231a73749558
40fcdd32c8646567df6634909a9ff559a7ef474f12f19c06bd2bb8578cecd66a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226015-AgResults_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:14 GMT
accept-ranges: bytes
content-length: 17025
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226145-mamedicot_logo.jpg
192.185.57.117 200 OK 17 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226145-mamedicot_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 319x170, components 3\012- data
Hash f17dffa45410e3b7055e9b5c42db9887
c25736b1ff2d855ae9b667333c1265fd3ec7fb82
427e42a5cc5181d1b1ac27bec35c139578d4b3989cc4570a1c7aa147d6a34f8d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226145-mamedicot_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:24 GMT
accept-ranges: bytes
content-length: 16992
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604667006-SDC.png
192.185.57.117 200 OK 18 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604667006-SDC.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 389 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash 5feaa2561972e1f1936d27afa46f8073
9a131c67f0cbdcdab6b68111d488f4ed470d19f5
4d4ac6c810b35e9bc899bbca7ea1945f34c1587b8d05de854afa1c96743fd0e0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604667006-SDC.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:50:06 GMT
accept-ranges: bytes
content-length: 17630
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226182-nutreal_logo.png
192.185.57.117 200 OK 18 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226182-nutreal_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 314 x 133, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d0e4e690cd2fb73a223791f6927df16
806f6fdca255063da5403e63f947f44cf5918fa0
cabeb13a9695700c0597e6b33b223fce17a698ba5409637fb76489234d8f4f2e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226182-nutreal_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:02 GMT
accept-ranges: bytes
content-length: 17488
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226099-idrc_logo.png
192.185.57.117 200 OK 19 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226099-idrc_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 600 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash b84e72d2691312625aec39da7e26b1c8
512d979aaafcb147e8da1ff27a202c83ce904690
f3630581290816968d46650aa3a4e6b87dd96cac7eb5ccf9ca513a7461c8f19f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226099-idrc_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:38 GMT
accept-ranges: bytes
content-length: 18864
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604667043-GAC.jpg
192.185.57.117 200 OK 18 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604667043-GAC.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 782x84, components 3
- data
Hash 68860c558193b9c06ad87590544260c8
9301bb291f1b44834fa4e2b80b3ced0828fac9cc
d12bb2d859f25717a11a9f2bbed1f9659713ec98177e9743515a9ad759ba32ba
Analyzer Verdict: Alert — mnemonic_dns: Sinkholed; quad9: Sinkholed (both are DNS-resolver verdicts on the domain cedofarmers.org; no file-level detection is listed for this object)
GET /uploads/partners/1604667043-GAC.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:50:44 GMT
accept-ranges: bytes
content-length: 18426
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 68b687b4bd9b8bc82a675dcc86c76b59
4e9194a9831c6c1b400ebe65e6be09661f0997cd
f7acf02cb9f1350a252391e55a8e577ea291aa212f3577aa15c8f0d963a12e5f
GET /rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 18:03:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: aLaHtL2bi8gqZ13MhsdrWQ==
x-fb-debug: U2NYlGCDC8vM6+H94gXuaKpd2vCIvO+cBEZrmO/ZCY/220x4aySHC0Vjdw8uuAPICOmRg5+Qwt5jx++CX+JF9Q==
priority: u=2
content-length: 5031
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2186)
Hash 33ae46fb5ca5586b8eb684c440bdfde3
cc75ec00d4e015261cbc526606a7478ad72a9e43
c475fadc8a824492c8eeba78780349b668c4111794dcbe1a18fcd19bbee38de4
GET /rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 06:15:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: M65G+1ylWGuOtoTEQL394w==
x-fb-debug: VQd+jiE/YM9O7IEUhklCp4iUczum/ERYFsBbEam6pexOxiTBzn2vBUxMsU53Ri0PbzNXpdK+OVkgLH6mDgWdqw==
content-length: 4455
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 19:15:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: vLp3dEeNhcWIuGGRPqFKvYa8/RiVMkyB/9NwkoeTDgEUdyaVtI7MghihesG4cqzA6RhJQmLNpI5ZEXFXA10BRw==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10494)
Hash 2eb625206434356a5678c51841c11964
4ecd1c720cc21d03d6c5d68a3cfbe7636cccf23d
feab180e6aa77381b51329ed9391e05765ab1a7831691215010cce091f635781
GET /rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 06:52:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LrYlIGQ0NWpWeMUYQcEZZA==
x-fb-debug: 7iGu7w468misanBoQha65sd9JUn7Fdp1ArgzwyEA/WmqsxntGFQ0+OsG24rQ7mU8zZ6R4kxfDbeNvU3kL2Ov+w==
priority: u=3,i
content-length: 4647
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 8.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9885)
Hash 0eaa197a5c011011e1489f411b042249
9ba134dd641bbbc6ce70619ccd94f5d5ef47a899
145cfec975ec864e6589409173f8f9fee2a59faf0ce28c42889897e812ab9ac4
GET /rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 05:50:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DqoZelwBEBHhSJ9BGwQiSQ==
x-fb-debug: yMzCe1sdU6mg7klvggXuZjDYvUcaDAkJnsXnHCkzBQ/uvXgKylMoqhhpMHmyOsGd3IWLNB0nsY5GHPnHulUPqg==
content-length: 8222
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2905)
Hash 950c261533c6a05f36c3ec2562963ecb
65cbaffa72eb8dafe5b43aec833435170c02b15d
4c9b051d6cba504010fc8ebdba2ca7da807224e44ad7e9798bb25b90069a3e11
GET /rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:30:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lQwmFTPGoF82w+wlYpY+yw==
x-fb-debug: P3JsMJ/9sMIFIo2VQUKoMne1CwmEilUE+Zfo5097yjTjyJTLSoOUizTarRB96PEFk+mUfaDACax69E6NVl0l6w==
priority: u=3,i
content-length: 7089
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (41977)
Hash e5ac274375457b828912871811b4be94
3bbd528facf279eab4dc093a7fad9dbc837689eb
602f6ee48130b3bcb4e21f4307bd1c83d110182e1fb4cb8f118171d10c6f5ae4
GET /rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 16:03:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5awnQ3VFe4KJEocYEbS+lA==
x-fb-debug: 4H7GOAumLJQE282v5rDuSHVRtBkCdstrQufEHymEpVhsV7z4jH4Xmqgn2nCrNS5LWg3guZG3NXBYmTIJUNUwzQ==
priority: u=3,i
content-length: 23273
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4061)
Hash d1ba68f146b01f4aef60d79aadb926ea
c6b4703c25d07fd2363e5d67d11e4846d9979b26
abbff04acf96f39a3121ed97505b5a23cbeee9057dd7040c58c4e423c899805d
GET /rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 19:15:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0bpo8UawH0rvYNearbkm6g==
x-fb-debug: 3JdQxyKLncFe1MouguIcs/yRhoAHmODDSMKAf7+37YE39XQlZOEzkpfV72QBviKdm8jhmFayla948PrKMqJNHQ==
content-length: 7236
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226177-NARO_logo.png
192.185.57.117 200 OK 22 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226177-NARO_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 110 x 115, 8-bit/color RGBA, non-interlaced
- data
Hash d88ead51d157daeb14f1fa4bef294888
3257637eccca18810f172d4b659d288c4b2565d6
b17ae365c55ef7ded5aa0a72cc42a8ce2c3330cae2d68f14b7af8e1f40ad4ba5
Analyzer Verdict: Alert — mnemonic_dns: Sinkholed; quad9: Sinkholed (both are DNS-resolver verdicts on the domain cedofarmers.org; no file-level detection is listed for this object)
GET /uploads/partners/1604226177-NARO_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:56 GMT
accept-ranges: bytes
content-length: 22156
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:06:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: U8RJgKUtHGLUiQk9HHpA+IRcULT5qX+DuwPkFrA1TVl4/mz6+76fzZ9YDejeZlR7UxuiL1amRZ0p3hU19KekzQ==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226170-naccri_logo.gif
192.185.57.117 200 OK 23 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226170-naccri_logo.gif
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 363 x 215
- data
Hash b1518cc05cd30d01c564d7b805477fcd
37befe6a7ee22438729b40c59e1b60883e70a493
6512e90f7eb83d3cb1cfcb5feaf0daf69d224a70ca18e1a1ea528223f1fd9797
Analyzer Verdict: Alert — mnemonic_dns: Sinkholed; quad9: Sinkholed (both are DNS-resolver verdicts on the domain cedofarmers.org; no file-level detection is listed for this object)
GET /uploads/partners/1604226170-naccri_logo.gif HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:50 GMT
accept-ranges: bytes
content-length: 22584
content-type: image/gif
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 14:58:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: D5GS3x6wx04rycniYZY/0Xz+ksXYSSm92jqaYBfwJdNE2gVWZsHNSKS1Na1e4Jf9SQ8Wn6qjKZVunFivJgncuw==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226009-aciar_logo.png
192.185.57.117 200 OK 24 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226009-aciar_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 74, 8-bit/color RGBA, non-interlaced
- data
Hash 77445a24baf789dc455d546e9a648f27
4110ca088be4f164d509a845083e32006bdf8bf1
e87872696cbc1b239bcd07500d471f14decdb8b5b06f1f405c83fcac4a86f1dd
Analyzer Verdict: Alert — mnemonic_dns: Sinkholed; quad9: Sinkholed (both are DNS-resolver verdicts on the domain cedofarmers.org; no file-level detection is listed for this object)
GET /uploads/partners/1604226009-aciar_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:08 GMT
accept-ranges: bytes
content-length: 24150
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 05:04:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: 00IrCbBbnm9vzmEGDumL0sh3nuf2iWdTpefIOOCSnTUUmtz+z/FyUfmUD4SQEeD9WcEh83B1Vahq8P4hknaGTg==
content-length: 1657
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226042-CIAT_logo.png
192.185.57.117 200 OK 26 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226042-CIAT_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 546 x 262, 8-bit/color RGBA, non-interlaced
- data
Hash fa6fbaa6375ea882f3ed89b9873c54ef
6be564842ac991e86873875fbdbc5fe38d6d4f62
295dfb343ff16792b8e1c59a47ccbf77fde7a4481dcd2b78ca13a3a033a1ce3f
Analyzer Verdict: Alert — mnemonic_dns: Sinkholed; quad9: Sinkholed (both are DNS-resolver verdicts on the domain cedofarmers.org; no file-level detection is listed for this object)
GET /uploads/partners/1604226042-CIAT_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:42 GMT
accept-ranges: bytes
content-length: 26151
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8749)
Hash c2b0fc32b893b1c243b3a27bcc5799cd
a9a85686e79bf7bba56cf1a7883b89447096eb54
f84f8dc2511cfbed3abe4ae7dd9c8e02c02260e0824eddaf69f2d54f3994a726
GET /rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 05 Nov 2023 03:23:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: wrD8MriTscJDs6J7zFeZzQ==
x-fb-debug: ZeaG4nczRFV9qJrZM59ZmYklxtldDRvk75b6fH34gkz1gMCEFsaTtetQwAT3aF82JRPYbxFDD5vVyCK2+3MHGg==
priority: u=3,i
content-length: 16259
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226242-unihoffen_logo.png
192.185.57.117 200 OK 32 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226242-unihoffen_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1200 x 630, 8-bit/color RGBA, non-interlaced
- data
Hash 274488a5926f3abd2d033b657a1ca661
cb36c76e5a984a14ea5098fbb46b15e390560cd0
c28e456d7421c182180b7e0b04d8813609cf9abaf30e44c5dd4cfb790420aa94
Analyzer Verdict: Alert — mnemonic_dns: Sinkholed; quad9: Sinkholed (both are DNS-resolver verdicts on the domain cedofarmers.org; no file-level detection is listed for this object)
GET /uploads/partners/1604226242-unihoffen_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:24:02 GMT
accept-ranges: bytes
content-length: 31987
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18630)
Hash 2735f6f13ab0e68d5d21650e8d76d90d
fac3c804bd2c335c0c6aa615a0f6bd9197d5ed87
1744afaa9fc41238e9cfa2073844a8c1ed9c80093e5f1555fc93acfbec268b5d
GET /rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 01:32:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: JzX28Tqw5o1dIWUOjXbZDQ==
x-fb-debug: bC5+aa5Je0InC3pf1rVrCdTR4TP6lFHLdvrsN0ce1Cc3jv3cHGvzYTQToVx8+qOeVfHGmJ0JfNlleTuHo1Q+uQ==
content-length: 91137
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226057-crs_logo.jpg
192.185.57.117 200 OK 48 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226057-crs_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 617x403, components 3
- data
Hash 00497e3754e0461e122b841ff253af40
fe1c146a43e5498a83f3d3117e5ff56be27ce29c
b2b28b1a937ef62a9b7bae09257b7833f589f45b163ea3cfe6128e110c3dbe81
Analyzer Verdict: Alert — mnemonic_dns: Sinkholed; quad9: Sinkholed (both are DNS-resolver verdicts on the domain cedofarmers.org; no file-level detection is listed for this object)
GET /uploads/partners/1604226057-crs_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:56 GMT
accept-ranges: bytes
content-length: 47794
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226154-mastercardlabs_logo.png
192.185.57.117200 OK 54 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226154-mastercardlabs_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 640 x 360, 8-bit/color RGBA, non-interlaced\012- data
Hash 22d28b31b56b34ed09c57cc0f5e05a3c
fb50da88db4b7c460a6b935ad1aef6e33701230a
9dc8b3fa8f1cf2b1fc9799c2fa996e646db1fb81760a0bd023fa250ade4e0943
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226154-mastercardlabs_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:34 GMT
accept-ranges: bytes
content-length: 54162
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226204-pabra_logo.jpg
192.185.57.117200 OK 78 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226204-pabra_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 773x452, components 3\012- data
Hash c766d10face8900cde72ee0e9bd9aa69
9f05c6f3fad7a28d5ebf92572e59ce54a58d7fad
99cbb2054889f4bef94863f0060f9ef9bce8af13486fac7122143dfcfffbb055
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226204-pabra_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:24 GMT
accept-ranges: bytes
content-length: 77922
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226034-bmz_logo.png
192.185.57.117200 OK 79 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226034-bmz_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 481 x 347, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c81df3683571159de721680f05c8da9
49da33674e6db8b872ecd0d298369bce1035bedc
126b903c6ae4dc921808baa17129b8da90c7dd365b431523bbc3b4d9d81fbb4c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226034-bmz_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:34 GMT
accept-ranges: bytes
content-length: 78907
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226219-RHSP_logo.jpg
192.185.57.117200 OK 72 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226219-RHSP_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064\012- data — NOTE(review): this file type (and the 72 kB size shown above, which matches the WOFF2 length 72112) does not agree with the response recorded below for the same URL (content-type: image/jpeg, content-length: 9556) or with the .jpg filename; the body/hash attribution for this entry appears mis-associated, so the hashes listed here should be re-checked against the raw response before being used as indicators for this URL.
Hash 4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226219-RHSP_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:38 GMT
accept-ranges: bytes
content-length: 9556
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226071-ford-foundation_logo.jpg
192.185.57.117200 OK 102 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226071-ford-foundation_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 1920x484, components 3\012- data
Size 102 kB (101564 bytes)
Hash 13a75153ca015117d661e470a1416894
b985631fc048fb90c4e693b05b627e01d97b716a
5e5c0074da04ac82c1516265c5dad2c2e880fd60d0caa6938394877afd632ca5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226071-ford-foundation_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:10 GMT
accept-ranges: bytes
content-length: 101564
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226079-harvestplus.png
192.185.57.117200 OK 107 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226079-harvestplus.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 593 x 519, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (106875 bytes)
Hash a9ad0e607c4e32a45915f53bd05754bf
7879d95a905ba82922f6a68f016a9a918cf2c40a
640750935f7ee4cc8afe436bbe1f86b28ea13435fcce59dc4061b04bcb394442
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226079-harvestplus.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:18 GMT
accept-ranges: bytes
content-length: 106875
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png
192.185.57.117200 OK 117 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1999 x 1113, 8-bit/color RGBA, non-interlaced\012- data
Size 117 kB (116714 bytes)
Hash 0ac3d05c98924409a2e4b4a84984a808
eab6bbd62e8db544b715da2b8dba536bbaa165ce
b48528ca84652ac77d70371f5243cd75f2255890a56880b9f4df0e10150be5dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:47:54 GMT
accept-ranges: bytes
content-length: 116714
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 602 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6f1c35518a7e607830c0b0da05eb8143
e98b9cc7afb57557c29ffcdc1eb787d8cff90dbb
c8e36b52a34fcf04c0f8e1f522f55240f057f81d0862424a0d939d2c393eb748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9342
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 22:20:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hcOJnYBsbAtMobcAC_q19cCoOChDcKs-oIspAtNKskbYnoSHz2NmEg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
age: 2231
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 57161
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da90dc6a5f2fc0c07e1e3d7ac0f1a67c
131acddbc0fefa19de876f5254d21370691b4653
60a17b9d4f66a571b54b17bcdd5ae19942bd8540569663611a3a64c07734417c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: bf8302ba-8138-4b4a-8821-fe1c1d1864fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMYDHEoFoAMFqVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636806e0-7b5856224000122233ad81ea;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 19:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4BaZ-LMJyYy_6UTMKjwjUulT4nAc0pxyJvmTmsy-M_WGXw9doIO0Vg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:03:36 GMT
age: 1026
etag: "131acddbc0fefa19de876f5254d21370691b4653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 2231
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b52a8b78f7273b02455e93107edb9633
7a09033d8e92af7e492e5ec41d6d90c473b848f6
b239606b1c37e680536a899808e845ccf270b1eadec03476e0cbfdf9911c149b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7620
x-amzn-requestid: 4938029b-6e40-4549-8404-63ca28e79961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTU_WEQgIAMFU2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acec8-2bda1b015e94c4127df2b052;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:48:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-7W40j1csZhuoQvk_awKDRBjxJukydzyRVHvJNBSBx-AqYJQrUYGg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:26 GMT
age: 1096
etag: "7a09033d8e92af7e492e5ec41d6d90c473b848f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10699bfbe3966b42cce253bfd3c09d0d
dd74707d8871dd800aa29bda2edc6105bd00adf6
26b571dbe9c885db2a2a6ae4e4a432b843a2815fb34ec976db7a3e6148a4dc8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 19706043-9952-4148-bf73-815d2b80f88a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKom8FixIAMFjzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675492-26d889196e698552262b0ef6;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 06:30:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 30pGKplOuXFYhdd8rDJhmKimfi5RdviDma-8hJ6Bf6zrwO8KgVhODw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:03:53 GMT
age: 1009
etag: "dd74707d8871dd800aa29bda2edc6105bd00adf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cedofarmers.org/js/google-map.js
192.185.57.117404 Not Found 2.4 kB URL HTTP/2 cedofarmers.org/js/google-map.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/google-map.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:42 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E
157.240.194.27200 OK 2.2 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E
IP 157.240.194.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 2dc2b52940d4885637e6e4097f6cfb94
f9f70a65aab76ad9ff18216f6c05563f63775a88
5c5b484596b6266c93c3540e573c174561a16c6cc61985ed3750ffeb2c82d185
GET /v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 28 Sep 2022 02:14:43 GMT
x-haystack-needlechecksum: 2226211856
x-needle-checksum: 185997496
content-type: image/jpeg
content-digest: adler32=2948273709
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 2152
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226105-iowauni_logo.png
192.185.57.117200 OK 350 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226105-iowauni_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 350 kB (349764 bytes)
Hash 4490e0ee79edc5a8109a3a95d306940b
191d8c923a15ecec846936650999bc790256faf5
05cdfc5684753f7f0cbc94b3c475335b3bfb2bef02bd25fb772916e3b5593ac7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226105-iowauni_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:46 GMT
accept-ranges: bytes
content-length: 349764
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/ckuploads/files/background1(1).jpg
192.185.57.117200 OK 410 kB URL HTTP/2 cedofarmers.org/ckuploads/files/background1(1).jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 80", baseline, precision 8, 1600x900, components 3\012- data
Size 410 kB (410126 bytes)
Hash 98b4dff5eeaf048b4b535f9d5b7c30f2
453a68269b7a783484c03d0496df847b58e619e7
dfa95a7073b8216fa92434b28ddd47bee5bf6ef0f6810964e467e43dc806c464
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ckuploads/files/background1(1).jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 06:39:12 GMT
accept-ranges: bytes
content-length: 410126
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
192.229.233.25200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1460
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:43 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org
192.229.233.25200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fcedofarmers.org HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518390
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:43 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ec8b93692d2bc1822021c436019d515d
aa4b30802f6167f004bcae84b5ab86a2f92c5e40
21a41caa4636c24c1048a93cc0ea80a8ad41f9686f6a08f9a6e41e797e3e3b8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5203
Cache-Control: max-age=115945
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:44 GMT
Etag: "6369e3d2-139"
Expires: Thu, 10 Nov 2022 06:33:09 GMT
Last-Modified: Tue, 08 Nov 2022 05:06:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
syndication.twitter.com/settings?session_id=44a52223fb01c79465fa12ad00be41b01af606a1
104.244.42.200200 OK 375 B URL HTTP/2 syndication.twitter.com/settings?session_id=44a52223fb01c79465fa12ad00be41b01af606a1
IP 104.244.42.200:0
File type JSON data\012- , ASCII text, with very long lines (914), with no line terminators
Hash 22ba4030aabb3e3f64bbbcb1148617f0
2fc6418de8aeb4439351672d396dc8823b3e9357
db89caae1654117a1d9191db8633b6da5cde5deebf238bbd1800616cfc8f4254
GET /settings?session_id=44a52223fb01c79465fa12ad00be41b01af606a1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:43 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 22:20:44 GMT
content-length: 375
content-encoding: gzip
x-transaction-id: 6475a9cd5b9b7073
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 110
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2
platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
192.229.233.25200 OK 3.0 kB URL HTTP/1.1 platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (8274), with no line terminators
Hash 9dcf6c8cba8fe3e8cb99b94ee63af2d5
ec132eb470954fdf2ff629d8344942b47ce4a5d1
2783e866faf68e4f6bc1775136ac1fa7b05d4adc7522f350763eb09a0e91b80d
GET /js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518391
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:44 GMT
Etag: "be517337a860b30e72096680d8dde0eb+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2977
syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946041212%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1
104.244.42.200200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946041212%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1
IP 104.244.42.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946041212%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:44 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 22:20:44 GMT
content-length: 43
x-transaction-id: 78dab29a5b7ad2e0
strict-transport-security: max-age=631138519
x-response-time: 119
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2
cedofarmers.org/images/favicon/usikate.ico
192.185.57.117404 Not Found 2.4 kB URL HTTP/2 cedofarmers.org/images/favicon/usikate.ico
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/favicon/usikate.ico HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:43 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
syndication.twitter.com/srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
104.244.42.200200 OK 5.6 kB URL HTTP/2 syndication.twitter.com/srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
IP 104.244.42.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26488), with no line terminators
Hash d9a7fb951f68b0f431dba0a8fc4a1831
5d4aede5ea929f3e86d8b8362e5f033cfd332a05
7dd267ee2776d0ec601c322acd811113a8da64d7fdacaa5c43bf365015d3788c
GET /srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:45 GMT
etag: "6782-c+BzzEt7AmBoq6YxcVa+JF41opY"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: e3e33d46c77dd4f6
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 5648
x-response-time: 456
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
192.229.233.25200 OK 2.1 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (3835), with no line terminators
Hash a7a94df486e306b619ab921142d234e2
1386bcf32860c146b6b7d912b92a540662cc7361
f4de548de8d166e7872adeefa8e8345f952b9001b40ca56622cd40033a34bf22
GET /_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441118
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "581beb14123ea389fe5c0fe24167fe0a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2097
cedofarmers.org/fonts/ionicons/fonts/ionicons.woff?v=4.0.0-19
192.185.57.117404 Not Found 102 kB URL HTTP/2 cedofarmers.org/fonts/ionicons/fonts/ionicons.woff?v=4.0.0-19
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 102 kB (102328 bytes)
Hash 46a3f89f7cdbb73d367f0aaaab237686
549840b65c61265031adee0623127924cb507460
c0b62806138408c5e9901875e4ad4168d90de256d800da59db12ac775cffd7f4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/ionicons/fonts/ionicons.woff?v=4.0.0-19 HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cedofarmers.org/css/ionicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:44 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
192.229.233.25200 OK 90 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
IP 192.229.233.25:0
File type ASCII text, with no line terminators
Hash 8e33207e7b788da9abde5b6d33da0b00
23e48f1b412b3a0a406639f297fb6f4c4740efe8
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
GET /_next/static/chunks/main-e9db78f5e7b3d83edd5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518392
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "8e33207e7b788da9abde5b6d33da0b00"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90
platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
192.229.233.25200 OK 668 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (1338), with no line terminators
Hash 79fd032d8d5d9fa6b966e0a2b0e5a3e1
092828885b8721858c80381d92622760aa6b2188
d08463c097b4b77e9db4acb6fdf01a44f3b80db66cd368c76185a363c9bf0863
GET /_next/static/chunks/pages/_app-446fb4a338b215deec8c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518392
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
192.229.233.25200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (13043), with no line terminators
Hash 9a40466b77e5f5f4a525cf508afee546
410eb7a6ee4ee31950b33844fd21efcc8850e3e0
aae2810ee062cd3d5a1d770d2f1b287c84d5ae6276c90914ab21c9cce6686538
GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518391
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "1efc61e416c7f4f293501e877fbec836+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F714)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1285
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
192.229.233.25200 OK 414 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (1208), with no line terminators
Hash 19e50b016c2418a8b7178a219a9fe03d
68c691a19558f28e9111b35f0c0f182addd31e3f
ff39afa732cf28797d8c7d8170b9e4dcc5ab8bcbd688b44be3dc0d82a5b3bbe4
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441118
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "12a5a08767706f15b6b316996cd057c1+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 414
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
192.229.233.25 200 OK 76 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
IP 192.229.233.25:0
File type ASCII text, with no line terminators
Hash abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js
192.229.233.25 200 OK 12 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (38097), with no line terminators
Hash 6f1f49e728d9b878cfa056a239c32cb1
43e501c9bcafe56b859f414521ae48e8d81ce658
39392ba895d16fed8dda86e09ab0ae9f443895fda3036f50384308e59b5e98bc
GET /_next/static/chunks/13.65c62863b5d1aec3d279.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "03a11df781dcaecf36e41e0b44708344+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12015
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
192.229.233.25 200 OK 7.7 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (23122), with no line terminators
Hash 47db702890e40ec11a744a885b6724b9
8ad88841d05dc05ce69ee8d430728214dd82e981
c8f11861cf29a4bc87a1f04f8add61885cc2627e6fd35a0ad12c48acddbaecb6
GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518392
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
192.229.233.25 200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (2558), with no line terminators
Hash 385597e7610afe03d76680534f29c35d
12280b5eef389f1e5a45b2b6ff7b21d1ca0b2f8f
ba66755ab4b673c2c028ddc2540308742f6287ae47243b6424df833c4ccd1be3
GET /_next/static/chunks/4.87a72bcd1cc186518122.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441116
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "ff2a4a029f711ed6f7dcb3f1f834609a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276
platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
192.229.233.25 200 OK 299 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 299 kB (299281 bytes)
Hash 37911f421b8b06c74a625ce6d756bf02
e46b6ad082f67fdbbe9a580c5101389142f67ccb
4a8884b498676dbc1d2eb772bc28b6fab7abef976c997b46667c53b41e47c633
GET /_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "5a0c374fae04eeb3b101385087754b18+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 299281
platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
192.229.233.25 200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (6721), with no line terminators
Hash 49f5b55936cdab12275a31750ba532c6
e7319555785aae707edd8fe90066a8c047cf0e8d
e1e93c439ee51eb31aa6adcc7cc267331b66b6d5d16c3ce0463b167e947edbcd
GET /_next/static/chunks/0.ad6e60829dfc07776f5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 441117
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:45 GMT
Etag: "f8a649284ac45133fc2c0b92defbd7b3+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 187307
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
192.229.233.25 200 OK 42 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7d62fb224e618094ce4d3e0e5052d16e
867b72ca2f006158db3c520eb3a2532d63746b92
f5d821fa38dc57edfe84c505b14245d8d03a8553c55383ea3aabb688c1a1d21a
GET /_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 518393
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 22:20:46 GMT
Etag: "72929dff5e574c1b877555fd36c7683a+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941
abs.twimg.com/sticky/animations/like.4.json
152.199.21.141 200 OK 1.9 kB URL HTTP/2 abs.twimg.com/sticky/animations/like.4.json
IP 152.199.21.141:0
File type ASCII text, with very long lines (24291)
Hash c5203df5bd1440c2fdf4b44f0eb3116a
6b928e79e59b281eb5b9f5c2ad608f81078b5869
0b638ce107a37db0734fcd82af97d1dd575c246d737949c5414aa1dc549540e3
GET /sticky/animations/like.4.json HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndication.twitter.com/
Origin: https://syndication.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 1661367
content-type: application/json
date: Tue, 08 Nov 2022 22:20:46 GMT
etag: "YKYmOkwIx9KztN7bQT7x8g=="
expires: Wed, 08 Nov 2023 22:20:46 GMT
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
perf: 7626143928
server: ECAcc (ska/F695)
strict-transport-security: max-age=631138519
surrogate-key: twitter-assets
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
vary: Accept-Encoding
x-cache: HIT
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
x-content-type-options: nosniff
x-response-time: 10
x-ton-expected-size: 24292
x-transaction-id: 80afab27525733bc
content-length: 1897
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946043164%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcedofarmers.org%2Findex.php%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3ACEDO_Ug%22%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1
104.244.42.200 200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946043164%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcedofarmers.org%2Findex.php%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3ACEDO_Ug%22%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1
IP 104.244.42.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667946043164%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcedofarmers.org%2Findex.php%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3ACEDO_Ug%22%7D&session_id=44a52223fb01c79465fa12ad00be41b01af606a1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/CEDO_Ug?dnt=false&embedId=twitter-widget-0&features=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%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fcedofarmers.org%2Findex.php&sessionId=44a52223fb01c79465fa12ad00be41b01af606a1&showHeader=true&showReplies=false&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:46 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 22:20:46 GMT
content-length: 43
x-transaction-id: ae9b821ad07a55a0
strict-transport-security: max-age=631138519
x-response-time: 108
x-connection-hash: e2270441904909b917f36cbb0ea322527f317e7dae0aafe9778b4444cb1c74e4
X-Firefox-Spdy: h2
cedofarmers.org/uploads/sliders/1604145998-OSProots.png
192.185.57.117 200 OK 1.3 MB URL HTTP/2 cedofarmers.org/uploads/sliders/1604145998-OSProots.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 1.3 MB (1320099 bytes)
Hash 1081f5f35b1e307676729746f45041a6
9d1aeec335360caf2122c0b7c466a42a720b9d6b
e3f73b69c696ebff8d4427270851d702def72afa5d308e08137a227b00bba086
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/sliders/1604145998-OSProots.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:06:38 GMT
accept-ranges: bytes
content-length: 1320099
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226229-unigeorg_logo.png
192.185.57.117 200 OK 1.4 MB URL HTTP/2 cedofarmers.org/uploads/partners/1604226229-unigeorg_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 8309 x 1569, 8-bit/color RGBA, non-interlaced\012- data
Size 1.4 MB (1387462 bytes)
Hash 01187bb8a6418a114c91d623982c6c7d
9e78a01bb4c04f308a10d76a394f8312633399c7
572e7533f0458f13afa966be453343262e9b2a9075926f9ba332f966cc41d009
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226229-unigeorg_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:50 GMT
accept-ranges: bytes
content-length: 1387462
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1565337007949111298/J3XBI68t_normal.jpg
151.101.84.159 200 OK 1.8 kB URL HTTP/2 pbs.twimg.com/profile_images/1565337007949111298/J3XBI68t_normal.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash ba251a21f21f0928d156d55dbc679b2c
db146ae08d57f8cf9e808fc85c5bb4309078aeaa
a0b0942af23e8083d6630784e64339ec68b0bb2de890d5bc68165ed46492957c
GET /profile_images/1565337007949111298/J3XBI68t_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 01 Sep 2022 13:51:19 GMT
x-transaction-id: 5315594f0989e9d6
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7343-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1807
X-Firefox-Spdy: h2
cedofarmers.org/uploads/sliders/1604146647-cedomarketing.png
192.185.57.117 200 OK 1.5 MB URL HTTP/2 cedofarmers.org/uploads/sliders/1604146647-cedomarketing.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 1.5 MB (1464925 bytes)
Hash 4d9deb6f6f7bd10382e63e50fe268144
e05262ff47ad84b82f0ee8e2a07927dfaddbe5a4
19ad01029437355fefa18bdd8db45ad96bcf5daae7a772aaab5907fa55bd3365
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/sliders/1604146647-cedomarketing.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:17:26 GMT
accept-ranges: bytes
content-length: 1464925
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/sliders/1604145960-dreamsbgslider.png
192.185.57.117 200 OK 1.5 MB URL HTTP/2 cedofarmers.org/uploads/sliders/1604145960-dreamsbgslider.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 1.5 MB (1469608 bytes)
Hash 8251b8294782a8dba967804b3f313751
0c706d25ee53f93153b507061ec85be3542278d8
c43a6755f50ee2188afaa24c10ee9b124f34a50093da26eb621da1b8adb40f83
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/sliders/1604145960-dreamsbgslider.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:06:00 GMT
accept-ranges: bytes
content-length: 1469608
content-type: image/png
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
pbs.twimg.com/card_img/1589695478404239360/p4gzWY-5?format=jpg&name=240x240
151.101.84.159 200 OK 7.0 kB URL HTTP/2 pbs.twimg.com/card_img/1589695478404239360/p4gzWY-5?format=jpg&name=240x240
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x135, components 3\012- data
Hash 64b25f2b64968577b1295c360015feca
e2835221c07e1240fe93d8fb4c1f2b30c04e6864
50b981ddacd0ec071c556edcd910d5848ef70a07fb8d0660a6a0e9b6f9154212
GET /card_img/1589695478404239360/p4gzWY-5?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 07 Nov 2022 19:03:11 GMT
x-transaction-id: d889575012b294a1
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7344-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 7022
X-Firefox-Spdy: h2
cedofarmers.org/fonts/ionicons/fonts/ionicons.ttf?v=4.0.0-19
192.185.57.117 404 Not Found 2.4 kB URL HTTP/2 cedofarmers.org/fonts/ionicons/fonts/ionicons.ttf?v=4.0.0-19
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/ionicons/fonts/ionicons.ttf?v=4.0.0-19 HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/css/ionicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:45 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=120x120
151.101.84.159 200 OK 8.0 kB URL HTTP/2 pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x80, components 3\012- data
Hash a250933363c5c93bff3ef7da3a51b330
b312d2b1cc9011274bbba39788211979dda381af
6512d9ba534b789fe5951ca8a85a75bba10a3a0fa6cb24cd7d51b04091ccbdac
GET /media/E6zCuJYXMAEhuNy?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 21 Jul 2021 05:42:18 GMT
x-transaction-id: ef19c29d689271cb
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr6629-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 8002
X-Firefox-Spdy: h2
pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=small
151.101.84.159 200 OK 132 kB URL HTTP/2 pbs.twimg.com/media/E6zCuJYXMAEhuNy?format=jpg&name=small
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 680x451, components 3\012- data
Size 132 kB (132336 bytes)
Hash 07871238f9f15ed20f184ce7289738a9
d588b1a60e51f3e2f4a3cb3b5677c228be929869
ec6dab6aa685bae8a5284f747e84b7e508a88916b0e004c208dc15cc697a11a1
GET /media/E6zCuJYXMAEhuNy?format=jpg&name=small HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 21 Jul 2021 05:42:18 GMT
x-transaction-id: 8944d861ebb2c5cc
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 22:20:46 GMT
x-cache: MISS, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7364-LHR, cache-bma1661-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 132336
X-Firefox-Spdy: h2
cedofarmers.org/css/style.css
192.185.57.117 200 OK 0 B URL HTTP/2 cedofarmers.org/css/style.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 19 Jun 2021 15:50:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.min.js
192.185.57.117200 OK 0 B URL HTTP/2 cedofarmers.org/js/jquery.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:41 GMT
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cedofarmers.org
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:42 GMT
content-type: font/woff2
content-length: 74348
x-amz-id-2: k2k/Odc7ufgx7xt4NReAoaKGKq7Qm8880w9gQgHdxORnqAyGehwqO3g/qnF5DRWtQDWhmOPvJiA=
x-amz-request-id: 1ERGBTQCZRTXNKQD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzFsBa2uc4WrGjzbzT5OepEx7Pv8OJHqb99MPeNfmusip%2BCsdROu1h5ZYKntBm1rXRrzeXc9Z6cpuFblQWzHCVbWNB6IaAQfhY2zU0%2F4SdfAOlYrmirW%2Fy89WRwvxElSLrRp5pMC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7671b289abdc7714-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19
192.185.57.117404 Not Found 0 B URL HTTP/2 cedofarmers.org/fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/ionicons/fonts/ionicons.woff2?v=4.0.0-19 HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cedofarmers.org/css/ionicons.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InJ2UzBlc0ZyKzBnYS9jVlY2SGVoblE9PSIsInZhbHVlIjoiY3NNTVBoSjVwZkJsamRSK0dBaUY0TGcvdXY0Qml5ajdvNytyMWJRR2RnUkk5UXVVRlF4QkhJWEt4M1pFeDZCY2oyaWdSVXhOLzhHMHN5UTJVa0tLdHpNMmxweXRTYkp0cW9WdDluRnRvQVFQOElpWXZ2cFRWUVEwekFSc3drM0YiLCJtYWMiOiIxODNjMjQ1MDZmZjI3MGZiNjI1NjMxYWMzZjVjZWIwYmI0OWY0NGZjY2VlNWM3MDM3NjQzNjA1ZGQxMzE5N2FkIn0%3D; laravel_session=eyJpdiI6IlVuVk11MHMzWUUycjU3ZXVwdXdYWXc9PSIsInZhbHVlIjoiSGh4ZUk3RmFXQlA2YjZ5RUdXc0ttSkRaZVNWWVlXUmZuTWZCcGRVRGJObE5pRlExU3AxSytRL3FaNVZNZmNKMGNiaFZ1VEZ0aHRYNFloUkpXQ1czU2ViSTY1ajFCYVJPK1FING9tZmlVakNVZ1F0RWV0VlRMQ2ZTSFFFL3oxbmEiLCJtYWMiOiJlZTkyY2VjMTQxZWRmMGU0NDcyMDUwMjI5OWU3ZDVlZTc5NDUyMTIxOTgxMWVjYzNlYTJjNWRhZDE3YzhkMmRhIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:43 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.2/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.2/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cedofarmers.org
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:41 GMT
content-type: text/css
x-amz-id-2: EBfxMhcvIvfMGdzOT8IFp0KyPTNJERfmxBSA0veLoFqKapdLK0NxteDZAa43YSTYSmQtV7vKnlM=
x-amz-request-id: 1ERVS3RYHG83AS8G
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aL7hlw%2BpIRO%2B8p1ZPUy0S%2Fe75oKi3hI19uVYmPhdPMg2YDz8do5jRvXWYBrg8lBoyrui1ncs%2F4G1%2FraL7zBPAP2ccMgvsiUUKQyCM30iumRS4KvLINjTwtI9R2wZcddiiuxEAJHO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7671b286be347714-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2