Report - cfiprovidencia.com/ta/index.php?QBOT.zip

Report Overview

Submitted URL
cfiprovidencia.com/ta/index.php?QBOT.zip
IP
167.114.11.220
ASN
#16276 OVH SAS
Submitted
2022-12-06 21:23:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
156

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	2.5 kB	142.250.74.106
cfiprovidencia.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	483 kB	167.114.11.220
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.4 kB	93.184.220.29
yt3.ggpht.com	203	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	3.0 kB	142.250.74.65
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	37 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
static.xx.fbcdn.net	661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.4 kB	220 kB	31.13.72.12
app-blue-upload.s3.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	22 kB	54.231.130.129
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	469 B	578 B	104.16.126.175
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.7 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	10 kB	142.250.74.131
www.youtube.com	90	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	169 kB	216.58.207.206
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	91 kB	31.13.72.12
i.ytimg.com	109	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	3.9 kB	142.250.74.118
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	767 B	98 kB	69.16.175.10
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	54 kB	172.217.21.168
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.33.119.27
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	64 kB	142.250.74.35
jnn-pa.googleapis.com	2640	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	34 kB	216.58.207.234
app.bluecaribu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	88 kB	54.236.131.203
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	648 B	757 B	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.74.230
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	55 kB	31.13.72.36
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	108.157.217.47

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed
2022-12-06	medium	cfiprovidencia.com	Sinkholed

JavaScript (177)

	URL	Size	First Seen	Last Seen
	cfiprovidencia.com/ta/index.php?QBOT.zip	134 B	2023-03-08	2023-03-08
Pretty URL cfiprovidencia.com/ta/index.php?QBOT.zip IP 167.114.11.220 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash ab423c97b288087a73335746efe27f21 954978c5ed55c46e4498fd6e74454b69b596f7bd 72a0bc7009a3aeb25b15259ce9644c83a0a5f6d2e5eaa7f8ca99843b296e8b54 Loading...

	cfiprovidencia.com/ta/index.php?QBOT.zip	359 B	2023-03-08	2023-03-08
Pretty URL cfiprovidencia.com/ta/index.php?QBOT.zip IP 167.114.11.220 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash 0d903d5b14120b8b9ce94f167edc604a c536a717338a6e5fdfd02e4e3108d1bfee201a44 289f252a3c9f3645aa8ec24da613e75244c8ef674b136fd33d32051cf6b6d3fa Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500	1.6 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 97b04c442bb1791ad815c33d5330107d 3f312e76b78535cb566e7f29f82b944f5257d697 1ebb055a2916c5d81c7d56dfe610eeb5ec0d3f31501aa4e116f3df56a29a20af Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y3/r/6J_QyvBL291.js?_nc_x=Ij3Wp8lg5Kz	354 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y3/r/6J_QyvBL291.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:36:17 Times Seen1 Hash 62daa78106773fb49f2cbc7270901d20 57e3f0ce85d6f7b6b940d8f007223284f9333145 fbea946dcaf530732f5ae270a18ce748adcf87c0c8e175755e1a8f7cbbcbcabc Loading...

	app.bluecaribu.com/ScriptMatic/script/whatsapp.js	18 kB	2023-03-08	2023-03-08
Pretty URL app.bluecaribu.com/ScriptMatic/script/whatsapp.js IP 54.236.131.203 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash b55c625dccc1cc90242b0812ef6c96d5 f3dcc67714aa74ab4a5c2b0d9f0e9fbcf756a4c1 a1258b047cea65fccf3cb70b5abfc17318659df38e8a239b06b593ae3544e085 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz	507 B	2023-03-08	2024-04-18
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2024-04-18 12:13:35 Times Seen20657 Hash 759df6e181340ef0a76a1bab457ebb22 2afdfa1808428e97f7f8faea0624c8402956b04e 9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b Loading...

	code.jquery.com/ui/1.12.1/jquery-ui.min.js	254 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/ui/1.12.1/jquery-ui.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-18 09:31:34 Times Seen5593 Hash 0a497d4661df7b82feee14332ce0bdaf f77d06b0c5dedef1f1db051a44a2b0d7f233ba3a 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Loading...

	static.doubleclick.net/instream/ad_status.js	29 B	2023-03-07	2024-04-18
Pretty URL static.doubleclick.net/instream/ad_status.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-18 07:35:29 Times Seen2735 Hash 1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yM/r/7aTLu0Wi8bl.js?_nc_x=Ij3Wp8lg5Kz	28 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yM/r/7aTLu0Wi8bl.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:42:53 Times Seen1 Hash 76d4fe9b09f281be24e86344cfc5c312 a53ff1a7236942ad3cd72b78d8c58d6cdb8e6943 2d268a0a57dab7928f4585aae4bcdf71ac0c8aa1208fa6c7d86f5425c5553ddf Loading...

	app.bluecaribu.com/ScriptMatic/script/chatbot.js	29 kB	2023-03-08	2023-03-08
Pretty URL app.bluecaribu.com/ScriptMatic/script/chatbot.js IP 54.236.131.203 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash 2c7536b47bc5139f9203678bcddc507d eeb38ad742b607463cabfa8a5d5a3e06887e4a68 59fb31b289415a39b6ec379c1067225197f01d82a529082691758adcdff36ee5 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250	18 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 7ba875ea2892728a4986ba11996b1e0a 71811618f64a159e890bf036acacb3b687912167 d307b05a8a73e17bc3c8b8f71d0968bd94f7d54dfb4ca88aa898b32abf0233e5 Loading...

	www.youtube.com/embed/FoZr0BboCBA	134 B	2023-03-07	2024-04-19
Pretty URL www.youtube.com/embed/FoZr0BboCBA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-19 13:28:14 Times Seen34016 Hash e18eb9d0972d240f1a5456179bb6523b 65255f106adcff2907a98e295a8e7a38fe2884c4 3d68db2b85d5a2915743399f09dc438963f0c50f68b02df05d47a372661603e8 Loading...

	cfiprovidencia.com/ta/index.php?QBOT.zip	279 B	2023-03-08	2023-03-08
Pretty URL cfiprovidencia.com/ta/index.php?QBOT.zip IP 167.114.11.220 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash 667031e16f3ca898627f64e4823a667f 4a956dea7fcd540de01c04bde57f73b9f1b03de7 b359cd5018fcfe3f52952e752805e68d61347e80f0681b682ea1ee910350f687 Loading...

	cfiprovidencia.com/ta/index.php?QBOT.zip	453 B	2023-03-08	2023-03-08
Pretty URL cfiprovidencia.com/ta/index.php?QBOT.zip IP 167.114.11.220 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash c94d2bc69705b15beca6ac3d815cc195 8aab28e6fb4db1c36ad40e027355c4af48cbf64f b8ff3b7d41e1d9d551d507ddf1818f5ccc8610292084d6d670c98f70ebb19639 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250	7.8 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 1f5f383aae3b4bb3ae4426ad5c89dfb9 716d7ce3bb8f4647e911bfa40c25e94533490534 1904701bc098031f78fe499adf627874066f17842f2a362141ff6359c613efd4 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500	15 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash f2e1cd8ebf6fe3e9e886df701ae6c1a9 12b20fa6336cadd016e967d2748a629464d96e2a 804e291c9083f15b7da3ea25b90837aa45c17b69b684a71b0957c6450911ce7d Loading...

	www.youtube.com/embed/FoZr0BboCBA	13 B	2023-03-07	2024-04-19
Pretty URL www.youtube.com/embed/FoZr0BboCBA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-19 13:28:15 Times Seen33908 Hash d8fb965e7ead2924508e97e5326bd3b1 fae376d0cb54d4433b7bdc9aba04690cd6cb5d27 57bb660c2fdf4369ff8e37f99b26963dba87c120b80c443ff3d31e030ab3a0f5 Loading...

	connect.facebook.net/es_ES/sdk.js#xfbml=1&version=v2.7	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/es_ES/sdk.js#xfbml=1&version=v2.7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash ecebeaada3c1d1d49973027b207e03dc 3923f089e3828a555aec6e3c8734a34293829d13 cb361b9012fc26261bb53cafe13cd7ba3514cc93b60bf00b05f6bac27b83115e Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250	391 B	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 7fb167a206c5b73d362687b9bc5cfa02 999579f3fa13e5c88c48515f0ab0663e2ce8103a 2b455d1c913615f2b2e83017868a90271342241ed1ab4ec6036ac39e0a56851b Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz	39 kB	2023-03-08	2023-04-02
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-04-02 21:25:26 Times Seen2 Hash d0096b3780248d2d053b1826ffa2e991 cb82a7cd24e2afb463141954d925ca118db6000a f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b Loading...

	static.xx.fbcdn.net/rsrc.php/v3iLA-4/yy/l/es_ES/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz	30 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iLA-4/yy/l/es_ES/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-11 14:16:58 Times Seen1 Hash c17c0dcfbaecb5d197475d8a4a8f2a61 1f45ddbab5ebece435f6ced3adcc572ff1bdd970 2768b9f28578e1c5d3c324a98119af755d5e5fce6da558665a2f98d689f222fa Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz	320 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:10:28 Last Seen2023-03-08 21:20:18 Times Seen1 Hash 31ef0cf6247175e711e84fd2114227c2 38e5f03063bf68ea0fc1c1a8f6f24df914290b5b cefa581d3b902675e571b90c35af48e58de931f2e547f7ba4ea6bf203054eb98 Loading...

	www.youtube.com/s/player/ac058a09/player_ias.vflset/en_US/embed.js	26 kB	2023-03-08	2023-03-08
Pretty URL www.youtube.com/s/player/ac058a09/player_ias.vflset/en_US/embed.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:20 Last Seen2023-03-08 21:43:50 Times Seen1 Hash 06c73e79651b39ebf4e317e65cbfaf7f 09bef305dc2df9a0dcf4f7382b3b697f19c1a174 8ed295179e986e6e46211aaab24b23b7223e04a97f89219eed8ad8173ab366d0 Loading...

	connect.facebook.net/es_ES/sdk.js?hash=5fce3cb9af2a4fea3a2a3d818c0b4dc8	308 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/es_ES/sdk.js?hash=5fce3cb9af2a4fea3a2a3d818c0b4dc8 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash fb5ab6ba4a769aea95e8fcbe5f1606eb 3b4e01302eb97e4b002fd82e2adaf10b16c70768 6352a319c197e152fb4de5502911c465f81da79a98bb6ad89bfce8e43fd8451e Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500	218 B	2023-03-07	2024-04-19
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 02:09:51 Times Seen12490 Hash 23731f926ba1b7856c53bf9c572f9e96 52618c2e6dd1bce8956fd2e2872c524eb1fd59d6 dbf6a6f99233910115437a7d602f004b1287d55441d4f751d152bf216375c07a Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz	5.9 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:30 Last Seen2023-03-11 23:53:02 Times Seen1 Hash e2629e00ff52c9be47641a586f08f82c 08d588734a11705c824070ef8f83468aea62609e eb3c7dcaabfe03ac2d7d3c41bb630dd73587b3f119962c536377e502e47f5df4 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250	252 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-07 18:38:30 Times Seen2234 Hash dfc334cd5201ae3c020f43848b1646c4 b951863e53fd874757a2d5a21c8739a4d3640947 6e28b909a82bf42f6a2b51d7bbdc3ecafc47cd43cd52d1a3b584250c2ae579fe Loading...

	cfiprovidencia.com/ta/index.php?QBOT.zip	105 B	2023-03-08	2023-03-08
Pretty URL cfiprovidencia.com/ta/index.php?QBOT.zip IP 167.114.11.220 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash 08a5fe2e17db12f7e8339d445c0dd553 205778ff1b87e57ce155a60494349690242a0f18 543dc89824d29979866ed8651dbef890ebe3fd6ea5289d2d88b71db222ac00b8 Loading...

	app.bluecaribu.com/conversion/integration/eb4ae45110e2b750dfa0f19525dfcb77	23 kB	2023-03-08	2023-03-08
Pretty URL app.bluecaribu.com/conversion/integration/eb4ae45110e2b750dfa0f19525dfcb77 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash d023e51a5921c59ed0daf6f4949e0ecf b737d00282888f5e54a3a471a763448da2e18c9a 15b6947a8303dd3f736efc2e6eacc5be3f2ef325e6f0d0a36467f3fc4efaf79e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js	23 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:39 Last Seen2024-04-18 12:47:13 Times Seen779 Hash 9346ec27896981bc4c0b146cf327727a 21486194baa22eb1155fe98bf7af6314e7773cc7 50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898 Loading...

	www.youtube.com/embed/FoZr0BboCBA	61 kB	2023-03-08	2023-03-08
Pretty URL www.youtube.com/embed/FoZr0BboCBA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 2ba0ebdb90715454d2af4ec18edefe39 b2ca6776a8e42a2dcfb1868f1e187799b2ee3e3d bad424019b08d470ccb7aa994d502bcbf321dfaa3059321c16528a15f149cc86 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.1.0/js/utils.js	245 kB	2023-03-08	2024-02-12
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.1.0/js/utils.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:47:53 Last Seen2024-02-12 23:14:19 Times Seen123 Hash 12855fe710661551c42e95a9c9290600 72c56f9f3584405934289059ccd5ed678ddcb00c df0797876b146528f534dc356f34fd6408384ca47baae6ecdfcdf0463294f142 Loading...

	www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670361811191	138 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670361811191 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 6bf6c7c2496a77aef04ae620b36c8c0e a6b54f9d7c35d0d80f9281b929bf066ef5232387 4ba3e2d05e6f9a6d3994cb4030e5757d356f6a8d675327a3aab2d472cfc87d9a Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/?random=1670361811543&cv=11&fst=1670361811543&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&auid=450745039.1670361811&data=event%3Dgtag.config&rfmt=3&fmt=4	1.8 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/?random=1670361811543&cv=11&fst=1670361811543&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&auid=450745039.1670361811&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 0704ee5967064ee7401e86d5cab3b4c8 2eacf91483be65284a4ab8a5d6f63831f4f080de c135592ce4deeac89515009847efa8572db23670c03e41e019c6359042daa668 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz	198 B	2023-03-08	2023-08-04
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:36 Last Seen2023-08-04 20:26:51 Times Seen18 Hash 822c7301c1c0fe10418f38cef44cfcb5 221c974c23f5a3c67f29a9cd6f7fad476d60beb7 31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb Loading...

	cfiprovidencia.com/ta/index.php?QBOT.zip	367 B	2023-03-08	2023-03-08
Pretty URL cfiprovidencia.com/ta/index.php?QBOT.zip IP 167.114.11.220 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash a407e7429aacf24c4f340b99fa66ec85 91e58f39303a4d2dbec040acf0cb5c6b5afbbe9c fc879fe64c4d8fb0db5a83841023fa68b4bf0ff61b74a92296f281774c04e41d Loading...

	www.youtube.com/embed/FoZr0BboCBA	2.0 kB	2023-03-07	2024-01-05
Pretty URL www.youtube.com/embed/FoZr0BboCBA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:14 Last Seen2024-01-05 16:27:33 Times Seen7664 Hash 6a73bc1d6d65579cd4d0e4ac0f0bbc4a 81de5599ae45f49e93a23f53833d3dc9c27c7a1e bf473ebe5e6ccb16d5b1df9579ac0666659badd85ee14dbb4669531ca0e226b1 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500	7.9 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 1aa9cb7c7ba1019cf5130b63175b9c30 68270b53130896e90a78a9980b9d21f1664dc962 1d1e75fc4d0116b0f9ba5b42141623822084aeda0e6693aaf409b6762f511554 Loading...

	static.xx.fbcdn.net/rsrc.php/v3iZsU4/yi/l/es_ES/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz	85 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iZsU4/yi/l/es_ES/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash 80b61b31ce73de5f77caf856ff393d46 964961a9fe7a01c7a61ca32ae089093067d1f1b1 1f3d889b38c63176f42da98412f41034dba42c352d8257d3133f281cefc9a036 Loading...

	cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/tinycolor.min.js	15 kB	2023-03-08	2024-02-21
Pretty URL cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/tinycolor.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2024-02-21 22:28:28 Times Seen9 Hash 6a4ffbe1fb2a9ad6fa864973a7b0f1fe c1048c4a4d75198e4f115a3506073838a3f9cd2f 9688be1c8cc6dfb654dc28761dd9a7bb3f94acf1ce57e9a0fe21a824ce02235f Loading...

	code.jquery.com/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-2.2.4.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 13:37:22 Times Seen380094 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500	391 B	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash f33cfe5d35371f5ea87b8abb6dca9794 2797e0ac53c42e299aff29cf72f830ed0a942ae9 4614ff5bad77bd4c6d65d830653376d556c8b2b88830cedad6a1be4fdd3920fc Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.0/js/intlTelInput.min.js	28 kB	2023-03-08	2024-02-21
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.0/js/intlTelInput.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2024-02-21 09:31:12 Times Seen18 Hash cc546fd36b3250a9aa6500c1cf731799 438576eb431851117492ef505dd049e02ff483c7 cc43f24d17e53906d84037c99c68333365b8a5a375f73efb7c33de509b6e9102 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz	53 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-03-13 02:53:11 Times Seen1 Hash 73a0b1ff652307a0c4f80eefedf0674a 4972c74d05c51b1a6509ad59c145e9575efee260 dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz	22 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-03-11 23:53:02 Times Seen1 Hash 9e7e32972f12d00feacb921846906ac6 f292ce3f81ffaaba10e8ac24458407d627e02b1a f2ca33864034e9249b711caf35f10c615d64a1a7b1fae36c96e150c502d5df2f Loading...

	www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670361810726	138 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670361810726 IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash f976d2e80fbc37879d39a54f573d8f62 514fecd654c9b27240de8ecbb41f9f2fe8eba977 f333caeb40b41c390f101657fb8bf886916f5989f6fc324251a57b4dd023dde2 Loading...

	www.youtube.com/embed/FoZr0BboCBA	26 B	2023-03-07	2024-04-19
Pretty URL www.youtube.com/embed/FoZr0BboCBA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-19 13:28:14 Times Seen33949 Hash 173a08c5d6adc5c93611a599bcb2c717 735a7301e66ae2c3584357f7bf0bf09eefb62df0 271e6368679a21c3416e2a0325db33d6bc445d601c72a49914081b5efd0cdf3f Loading...

	www.youtube.com/embed/FoZr0BboCBA	25 B	2023-03-07	2023-11-29
Pretty URL www.youtube.com/embed/FoZr0BboCBA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:37 Last Seen2023-11-29 10:16:14 Times Seen704 Hash 811cf37d35ecf4c7989e90e2ae417d42 b0e07024bdc24de1025ded22b0233c6250397808 f50cd7abf6ec0c3a2bc6c1f920a3608cfa7292ac9d0e43ad42938b59f575dbcf Loading...

	www.youtube.com/s/player/ac058a09/player_ias.vflset/en_US/remote.js	122 kB	2023-03-08	2023-03-08
Pretty URL www.youtube.com/s/player/ac058a09/player_ias.vflset/en_US/remote.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:20 Last Seen2023-03-08 21:43:05 Times Seen1 Hash 3790ea2ab5cadf248fab208c068fc23f e5763c9d765a927f7177aa2716093cc8a06bcee9 cb77dd9941ac19d276e403fdba06cb7bb0eef4df80eb526eba76b5ec274cf370 Loading...

	www.youtube.com/s/player/ac058a09/fetch-polyfill.vflset/fetch-polyfill.js	9.6 kB	2023-03-07	2024-01-08
Pretty URL www.youtube.com/s/player/ac058a09/fetch-polyfill.vflset/fetch-polyfill.js IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:14 Last Seen2024-01-08 01:35:01 Times Seen16862 Hash 99c2f70a68b9105e6de1d8aaecda635f 1c58a7f05d5d8579f6f1a6f73a9919e941c67dd8 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500	18 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash ebb93c7e817aeeb2bec8e487a38e5f38 08fae0ce1d93b9f1029db38cc76fd15675eab93e f16f9d24f2c85e235bad641f49a064c46d89958ab09bddd5d5a624a9630023e3 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 14:15:59 Times Seen36960786 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250	15 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash e8b4be1d621ca0c10c47d749f8e5e333 fc6cd9522b9f607a8002619fa54bd483eaed973c d26d04de77d682c6673070719d835d4ab21ef81ee1e82518ef746043f70eed59 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250	115 B	2023-03-08	2023-03-11
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:18 Last Seen2023-03-11 23:38:44 Times Seen1 Hash 48a35f8d0bafa70d7a557df471edca07 1f0fdbea685db9bdee2805bdd49cb4245d046b98 1f58770cb4b1ba23e53065a0a2d2561b8b8e4a1f015935811ee2a5ea138dd22f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/?random=1670361811162&cv=11&fst=1670361811162&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&auid=450745039.1670361811&data=event%3Dgtag.config&rfmt=3&fmt=4	1.8 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/?random=1670361811162&cv=11&fst=1670361811162&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&auid=450745039.1670361811&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 2087a7823822ba7262298d4c6f4539d3 f238e6a71c265dc5cab5bcec1fe687e745a08985 7c4919ba0eab8faa6a59a8df8fccca076d5e664d17b7d40e3aabf30c08a3b705 Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250	1.6 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash f955e74a25768bae8ca9827c7e44daf7 23c1e1550e3cf5e8e3587ffbc27e6a624d74088a a3bfd31d871456b111188ddf8ad78997f38ec327f42e4858f7bd9f669d7309b4 Loading...

	cfiprovidencia.com/ta/index.php?QBOT.zip	343 B	2023-03-08	2023-03-08
Pretty URL cfiprovidencia.com/ta/index.php?QBOT.zip IP 167.114.11.220 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash e3a1fc53c4cbec3cb8462ff4dcdafed6 75697404e217436cac64f250e6918228733916f6 da2c462082e54d227437b9fc7dfe06a7e7b2cc0d491b5b6bf602315092a740a1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 07:47:47 Times Seen1515 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js	37 kB	2023-03-08	2023-03-12
Pretty URL www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:52 Times Seen1 Hash 41a1716077a0ad33bf47a0cc6bf3ba18 bcadfab445062dcbb04175f10d3399e0d697776b f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a Loading...

	www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500	10 B	2023-03-07	2024-04-19
Pretty URL www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 IP 31.13.72.36 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-19 02:09:51 Times Seen14071 Hash 91b3d54bc665b27a303ea5103da4f0b5 1ea644a3b2b1e427686c79e379e4074d576e732a 8c946addeada771d3dc6866cc23be2d1ef3f84b0ae6a98989cbf25b1a9249a61 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 50f207163fcc448ca1c92f0684d7ca53	2 B	2023-03-07	2024-04-16
Pretty Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-16 18:25:21 Times Seen1230 Hash 50f207163fcc448ca1c92f0684d7ca53 a65129e26960d650838473633e7c4f9bf9eee41b 2041a4c8854be18e6434440fafda85e2d16c967ff8f2ddefca20217c9f45cf30 Loading...

	#2 Eval - f19797e47ed421f0d1c8cbb8055b1278	95 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash f19797e47ed421f0d1c8cbb8055b1278 5dbcff9c8c9adcee062aa9fe0f389f255eada72d 2ee8f0689eb9bb0e3b623abe8e1b1e5d2247794004b8e4d8828d24a80440eb5d Loading...

	#3 Eval - dfd5b430bc4db2c2836d0227ad9ac0c4	2 B	2023-03-08	2024-04-05
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2024-04-05 19:39:34 Times Seen462 Hash dfd5b430bc4db2c2836d0227ad9ac0c4 26e1e07ebe1c5aba542576bd0d7a1f16c8cc937e eadede9d5c7ef2070ac8fb231dea0d84c4e11cd6d8f7ca801c687cf73c5ff5ca Loading...

	#4 Eval - 69d09b266c5aa342cddbae70e8d7b526	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 69d09b266c5aa342cddbae70e8d7b526 078479867d1832c079a086ef9a07bee710b8326d 0f00d01e28d6182b46220ab67825632a4379073d1c43710693d1f7db37dd29a3 Loading...

	#5 Eval - 6ff581eaa7682be3aedcca1819a30e67	257 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 6ff581eaa7682be3aedcca1819a30e67 99b31df35a38197a947ebdb4eec8a7422cdef615 539d1ce5db00dea4a2e0dfc77d6b82477fb6191876172acbddc6757446b04ebb Loading...

	#6 Eval - a1487e63d570fcac697ecfe447458797	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash a1487e63d570fcac697ecfe447458797 5497bb40d7ecfea0a4f5050370f7a827a4431ac7 d6a2fd6fb9e278cf8f11d7f038b59f5e0b2ead72aa43d10afc6366bfa1cd98e8 Loading...

	#7 Eval - 81043f8c681575bca3e4eff6afbd9db9	2 B	2023-03-08	2024-04-04
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2024-04-04 19:56:30 Times Seen367 Hash 81043f8c681575bca3e4eff6afbd9db9 4d6474389c691e30e03e8aca6cdcbe36b9c89491 c690f114c997123e2ebadb17c59d6a04591cb27785812b615b793b97096190eb Loading...

	#8 Eval - 828eaaf2abc3f463c812ac6dc099c09a	269 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 828eaaf2abc3f463c812ac6dc099c09a c6949ae05ec772d634e438ce1073e8d098ad73e4 8675a2048c1a225d027f38349beeb4eb96078f7b5b4167a137f8e5364455b1db Loading...

	#9 Eval - 8f7e3789663a4c201398be1272709591	47 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 8f7e3789663a4c201398be1272709591 b3c1ded0a0edfcd6ce2d75693bee361f43189cff 416c3981c086163a4907284e1d60df0e1e416f1afb88c5da8c551ada78fdd9fe Loading...

	#10 Eval - 63aaa104874885b9ebea6d036f4214e7	136 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 63aaa104874885b9ebea6d036f4214e7 fe25a59abe122d3e13b74bf3ee1c5c1c6c61464b 68020534f1daac1559922fc5cefeb14601b2171dc3eb5b1adf44647c9c5a5ee1 Loading...

	#11 Eval - d48a24ae9672ee573050e4d3aeeebe4d	29 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 13:28:15 Times Seen52918 Hash d48a24ae9672ee573050e4d3aeeebe4d 8f8c4d27852980a1ec5a8b1aba30769001314ec8 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255 Loading...

	#12 Eval - a931635074a5017da74948b67e16c76f	206 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:15 Last Seen2024-04-19 13:28:15 Times Seen39164 Hash a931635074a5017da74948b67e16c76f a6799582ad16a7c1ab8221c166268130df6691d2 1fb437ac78114eda813a7c4d5771b6d3aa34908a5ca3b743d5eb5c79088cf82c Loading...

	#13 Eval - f0e976b756b6afe7f40bca206a2d7150	29 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-19 13:28:16 Times Seen33955 Hash f0e976b756b6afe7f40bca206a2d7150 db9bee9a7bba93a60330ec5ef1334d9c164fcd56 029b84af88c5d6ced58173997a15fa47011e198e5449027d87e2f7b871f332c2 Loading...

	#14 Eval - 8c2279895f14b83375ee19b55ba2e89e	53 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 8c2279895f14b83375ee19b55ba2e89e 5743c769c5b149420a6aa72c9fa24855f9a179dc 96343fe7b6abd932301a38e8741ff635d727f1354b8447ea0d92ce771d2e9c70 Loading...

	#15 Eval - 851065101b881443e25d972f4edc5d64	75 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:52 Times Seen1 Hash 851065101b881443e25d972f4edc5d64 c7e37452bd688be4e105755a36db60994e0a5bf9 89f1527b73b7439c5ef286728141a72cb8bb1f61e4edba23efbcf6e82d8287a2 Loading...

	#16 Eval - 5bce3019019c7154dce27c19fc3fe97b	253 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 5bce3019019c7154dce27c19fc3fe97b 957ec06636d9fe60d9de28c8521ddfa7d9aed339 24f115977a85f0e1cf515164fa4e8ad127b4dcffd0be1675d88f8678130248ea Loading...

	#17 Eval - dd7536794b63bf90eccfd37f9b147d7f	1 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:15 Last Seen2024-04-19 08:14:54 Times Seen11776 Hash dd7536794b63bf90eccfd37f9b147d7f ca73ab65568cd125c2d27a22bbd9e863c10b675d a83dd0ccbffe39d071cc317ddf6e97f5c6b1c87af91919271f9fa140b0508c6c Loading...

	#18 Eval - 08e96e3d654ff18d0c089a84ae0fc5e2	199 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 08e96e3d654ff18d0c089a84ae0fc5e2 0db554fe804ac00161e78209eee862f8d3416ba6 85b66c4d8c97271c59fd8f02e5e0d4fb3e04f4c2ff88b334d8cae3d131144996 Loading...

	#19 Eval - a03984284fa40b59b33bcd5358f73934	400 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash a03984284fa40b59b33bcd5358f73934 154964a2b8e34425cb7926669600c105ab79d259 b7f64082f0f019d80412e7bed23fc3b25d120d5179e52ba57a3e96311db701df Loading...

	#20 Eval - 44c29edb103a2872f519ad0c9a0fdaaa	1 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:20:09 Last Seen2024-04-19 09:51:54 Times Seen9226 Hash 44c29edb103a2872f519ad0c9a0fdaaa 511993d3c99719e38a6779073019dacd7178ddb9 5c62e091b8c0565f1bafad0dad5934276143ae2ccef7a5381e8ada5b1a8d26d2 Loading...

	#21 Eval - 1b1a5312f8e2ad17beae94b2e24e9dce	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 1b1a5312f8e2ad17beae94b2e24e9dce 34ee13f68d54baf6a20e6ab24ba27f816bb4de30 35b6bca22119acfdd16a2992f68c35002b282b44656d8390f29e894d09d89352 Loading...

	#22 Eval - 960fa20fbf4bff6c6e274dd37c24ac05	149 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash 960fa20fbf4bff6c6e274dd37c24ac05 46d96d7f18e1535d89c486aa0b1bc482ec132e1d a766f20fd49b6cb30b51ae5416312122108bb65dcb6dbf8e12a86acf961425a9 Loading...

	#23 Eval - 8315ff7dac97ffcfa399e9e128493446	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 8315ff7dac97ffcfa399e9e128493446 25dbf90625014853b5b9507f12430293fff37c9e dd3dc50a055cbb5f1dba5ba3df61caa35011120e3dc578abc590d603d008873c Loading...

	#24 Eval - c01c13c762b2aa0459b0b2f84731c37d	26 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash c01c13c762b2aa0459b0b2f84731c37d a538853ab6dd453250204c99d4da8b419b673560 842ec9adb40d18ead69c02333344662af7616891e0bee8364fbc84a457a0a4b2 Loading...

	#25 Eval - 64fd82841144e294654909dd3beea644	604 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 64fd82841144e294654909dd3beea644 a9d3ecf38b0553dc7fdca764e44a0ba19098647a 77f2886dde2c84718f56643291de46e47f512b50fd67109054277e2db12eca97 Loading...

	#26 Eval - 7dd7b4b64cecd1911bcffb7a11c75115	26 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 7dd7b4b64cecd1911bcffb7a11c75115 9c4a7ee07e72cbc25d259868790c0028c556575e c596ebba5428be04fcadc5c375d725a7f03b0cc1ca105c561b695ee84961b124 Loading...

	#27 Eval - b8c0191e81da13cfc19b94ce4e8c34c9	130 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash b8c0191e81da13cfc19b94ce4e8c34c9 7348813ddf90c9da47011b0a54478828a9e0f613 3cacbc604b229d85f4d3455430394afba031f759a8feab82e9f45f9dccada2c8 Loading...

	#28 Eval - 6b76324b6cf6be5d2a50324f75745000	101 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 6b76324b6cf6be5d2a50324f75745000 ab903cbb8b087b943da7fda089f2a8d174154f5f 1fe27166aa2ca63a679b65aa20c87302c022829adb6f7510f2245db549978619 Loading...

	#29 Eval - ca1b82891207d24e2f542667eb36002a	587 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash ca1b82891207d24e2f542667eb36002a a602d090ead835dd9778fc3f443d0c7434c73034 ab27412791793e2f1d6d375604b76ddc431b79c4414d392fdcf663ead145f0a1 Loading...

	#30 Eval - 24cc3dc813f384fde380df619f1525cb	19 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 13:28:16 Times Seen48548 Hash 24cc3dc813f384fde380df619f1525cb 56399e3ce57ff98d68c7de98a563e572230dff6b 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b Loading...

	#31 Eval - b24a6f3ddc220d962d9d32e54c4aa501	42 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:29:10 Last Seen2023-03-08 20:29:10 Times Seen1 Hash b24a6f3ddc220d962d9d32e54c4aa501 579bfda86088735fb222452713b9271c6c4f8d49 5b85bb7b5726838e5d042a5a96a64991244145e6241228824c5aa652dad67165 Loading...

	#32 Eval - 2510c39011c5be704182423e3a695e91	1 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-19 10:35:58 Times Seen9445 Hash 2510c39011c5be704182423e3a695e91 27d5482eebd075de44389774fce28c69f45c8a75 aaa9402664f1a41f40ebbc52c9993eb66aeb366602958fdfaa283b71e64db123 Loading...

	#33 Eval - 0b3f09a3ff7a283f3bd09b654d7c61b5	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 0b3f09a3ff7a283f3bd09b654d7c61b5 bd864f8cd23035f4201434d38c84181e4fa4034a f1fe70bd432c1460daf992465d04cb318c6ceb1807e5593b631e21dd2d895796 Loading...

	#34 Eval - ac960e98257b09d6356d50d6029098e0	2 B	2023-03-08	2024-04-02
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2024-04-02 07:36:53 Times Seen569 Hash ac960e98257b09d6356d50d6029098e0 a5833e6d85f848fc24e6106f34ca5c4804e4e163 4a71a08f98af4453be70fa70647f4b561062a03fb15827bdcbf3098bad8880c4 Loading...

	#35 Eval - 8451517bf6ea7fd4c772de2f6d38b12b	76 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 8451517bf6ea7fd4c772de2f6d38b12b 10823f97d0c93438a329973e12ff4f105c203862 3d1d2740f1451dd739d3e4ec110129e163ed22d029bc0790f6a17bd15d73c886 Loading...

	#36 Eval - be01be3eb315037741cb140bc60a29fc	26 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash be01be3eb315037741cb140bc60a29fc 98facb12541838c73cd4d92ddaf4292cd0806f0f 1f8dbd74dbbc1b4252819c7f39a1946171ef1eef509c945ae5147f55ef50f5bf Loading...

	#37 Eval - f07c02d1127eda3514db1cf1fcf23bee	198 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash f07c02d1127eda3514db1cf1fcf23bee 49fa85c758c2d0f5e078e442f48b7ad770bf7309 00deb0b6e69e2fd6152e1e7dcbdfd66248d679dcbbdb65f2e7e52bc191311d48 Loading...

	#38 Eval - b9f0677ee21b6a054afb34c5b6e1bd38	200 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash b9f0677ee21b6a054afb34c5b6e1bd38 f07ae45162df6d6e538a1ab653d9965d3635377d 8b35eff55dbe7c6e95299cd161742cfa146fd6b879124d1367ddd9743935c62d Loading...

	#39 Eval - 632aaf161989c5feabedcce5436b3640	96 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 632aaf161989c5feabedcce5436b3640 18f1a1d35a34ae45145088d421ceda7cfcb50874 01c25bd8b3fa554ed2c910beb1c896e5bcbc7f0a7be631c1527833cecbc291a6 Loading...

	#40 Eval - d7146c2e5aba2e75b478fb866679629b	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash d7146c2e5aba2e75b478fb866679629b c52e792999cf711eddc703c7e2a0dede2a193eca db3a4e00521910cd27fbf7564dbd3ddc0d4cfc69a5f3d83c05a32c0ead7efd1b Loading...

	#41 Eval - 37a6259cc0c1dae299a7866489dff0bd	4 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-19 13:28:15 Times Seen49687 Hash 37a6259cc0c1dae299a7866489dff0bd 2be88ca4242c76e8253ac62474851065032d6833 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Loading...

	#42 Eval - 58939dda674d048ec616f80383a71687	70 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 58939dda674d048ec616f80383a71687 3ea982650c5ee7f27786245de1144c221871467c 82aaec3ee6edef93193a29dafe190495f3c6683e0361f1c509046f2c713e0856 Loading...

	#43 Eval - 0563fcd3c81eef58e50b984c70677036	159 B	2023-03-07	2024-02-29
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-02-29 10:56:21 Times Seen35304 Hash 0563fcd3c81eef58e50b984c70677036 297f56d56ec1918a65a72c146da33d3ffb468684 ed2b7d8395578b6813022e5d55ce8066479d2def9c664882260f1516472c1838 Loading...

	#44 Eval - 02129bb861061d1a052c592e2dc6b383	1 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-18 15:43:26 Times Seen12307 Hash 02129bb861061d1a052c592e2dc6b383 c032adc1ff629c9b66f22749ad667e6beadf144b 4b68ab3847feda7d6c62c1fbcbeebfa35eab7351ed5e78f4ddadea5df64b8015 Loading...

	#45 Eval - 8d1cb360c86296aeda3c739dda112bc0	132 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 8d1cb360c86296aeda3c739dda112bc0 9f30c21439938452c471ac1fcaf3c0bac5e04a98 3b7a60b3d60e73e472d6102c638dfbad68e3af28961d2a14482b6edd5c2cbb7a Loading...

	#46 Eval - 3f09566f9cd69decebb5043202be7f3e	604 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 3f09566f9cd69decebb5043202be7f3e c042c57a343ef0e29d9315f7476e3785ac599860 1fee6b49edf249609e1c61e668a1e3274b3649255e2e247b2f83c7b3089f3750 Loading...

	#47 Eval - f465da03521180d47c811a98c793a2d6	9 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-19 13:28:15 Times Seen33013 Hash f465da03521180d47c811a98c793a2d6 9b76105ff4c8bb84cd630914d772f4cc73df0155 e8183224e440eb4578fd87c4c47735f9ede4c43b1c6ebbdcd7033e98aba6a009 Loading...

	#48 Eval - b6fedf4d8b41bcd6fdd00dc73afebbf0	186 B	2023-03-07	2023-06-20
Pretty Observations First Seen2023-03-07 01:02:15 Last Seen2023-06-20 22:42:19 Times Seen10985 Hash b6fedf4d8b41bcd6fdd00dc73afebbf0 cc79d9f18327c590bfbf582db80c8771dbfda9a8 b98b82c364cf0a1c34b8ecf1aa18a6bf51bbd21631dd3794dad96c8ad3082a5f Loading...

	#49 Eval - 30b612220828c66a6df801fde7147a10	929 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 30b612220828c66a6df801fde7147a10 63b4baff1d8f4eebf15d52ca6e6d4485c4eb88d1 9a90efe84a4621dd7bf6d7d6f0891d8af026e6ce7e474d98b0c5e5a7f41e23af Loading...

	#50 Eval - 959848ca10cc8a60da818ac11523dc63	2 B	2023-03-07	2024-01-15
Pretty Observations First Seen2023-03-07 17:52:42 Last Seen2024-01-15 19:09:54 Times Seen1166 Hash 959848ca10cc8a60da818ac11523dc63 85c9baff15217366743dfbda4b499260c0cfffbb 3c42d9ac9807bbf91745b921d4887371b41b4a52e4e78f0dd127358e967dd4e0 Loading...

	#51 Eval - 9d0137bffa0f20d5e8e9f54f2c84cf0a	10 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:15 Last Seen2024-04-19 13:28:16 Times Seen33020 Hash 9d0137bffa0f20d5e8e9f54f2c84cf0a 39edf6d919f82b9692a2edfecc78427a82567c42 269d4d56785ffc82f3ed05d8ee3b84fc18d7474663ddd06c6fd285165190bb19 Loading...

	#52 Eval - 77a233a8936975b262cf51a211f06316	354 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 77a233a8936975b262cf51a211f06316 d63c3ff12c751610fbcb20dcdeda9e7d03882f86 80b9d81e9e7240aa401567ae7de70c51be0ae58348e7287fb12e7ba0c2260d37 Loading...

	#53 Eval - 0d80d99d7f209071a284c9ab6d14accf	83 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 13:28:15 Times Seen53211 Hash 0d80d99d7f209071a284c9ab6d14accf c91e7389c28a7b35eeb114484808a20cddb8c20e 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a Loading...

	#54 Eval - 23ff49ed815108d610c1a75d592488dd	2 B	2023-03-08	2023-09-07
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-09-07 08:32:47 Times Seen85 Hash 23ff49ed815108d610c1a75d592488dd 544e5034c341c588ba7c40ee39edaf4b841df02b 4ab811cbefec4e9599ff3e9ccf5030371ba1325cee1ab43f4bca924ad887a8c7 Loading...

	#55 Eval - 3fe3de84275c2edcd95efff999764322	2 B	2023-03-07	2023-12-02
Pretty Observations First Seen2023-03-07 01:15:11 Last Seen2023-12-02 08:16:04 Times Seen158 Hash 3fe3de84275c2edcd95efff999764322 4c43617abe086779660effcd34fb51a96fe4e05f 585f45ee4ce012e226f215a77a041b3bbf31ba949279f21c66978c44552b214c Loading...

	#56 Eval - 399271553c923eca6eddfddf7ba81022	93 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 399271553c923eca6eddfddf7ba81022 f79878cad92a6041b58de82f4fc2025ce63d8e04 da03c7238b44ee4a5096bd442c493bbbcd4e6c3773e7cafaa1be87919ce665df Loading...

	#57 Eval - acc7658a6a276ecb78d10f3229181ae8	2 B	2023-03-08	2023-10-27
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-10-27 02:01:18 Times Seen185 Hash acc7658a6a276ecb78d10f3229181ae8 c1c8ab2fc806e1ab75dfe358934d70dc9856e9ae 547429225633a18d7eed80823b723ff1c70703f34ed653df1124942a0c7ddd9e Loading...

	#58 Eval - 8d8b85adc4d2474a84fbca1381afb3c7	83 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:15 Last Seen2024-04-19 13:28:15 Times Seen39129 Hash 8d8b85adc4d2474a84fbca1381afb3c7 3815645d5a8680fd3ed4ce5a3b82f8d432448698 3eb8abc484d33a620c974de75babdd2caae4fff7dc8daad7d860dd41c93ee611 Loading...

	#59 Eval - 4a5dd5ddfd75916a38367521677b7987	59 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 4a5dd5ddfd75916a38367521677b7987 d705976cd57050ededfac35724f57cba7c1584d0 21e02e61cd6c51e009d802d8fbfabf2509fcf9b4ca5a46c3782f376bc4aabbab Loading...

	#60 Eval - 1151f24be3c63db056f10938a42ab0ea	27 B	2023-03-07	2024-02-29
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-02-29 10:56:20 Times Seen35314 Hash 1151f24be3c63db056f10938a42ab0ea 5284a27f38597741e877ab31328cc8178b005676 0bc774ed3674af6aae8dd2c83bf89261e13ee293742afeda5161156a54bfc8ee Loading...

	#61 Eval - 2713e2cd49d98681390822101605680d	51 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 2713e2cd49d98681390822101605680d 7eb359109c0f5f31e52d35dc585f5434b970d2eb 7b0a2e047f1fccccc45b495cb25773d3e3988df0d341463a5cac8e4df9fcbe24 Loading...

	#62 Eval - 9ce0c57140df8c07a2e616478887c682	133 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 9ce0c57140df8c07a2e616478887c682 8a699da7e5c6ff659ef91c3a92e2fd7aebc84374 26de35bca54dafcf077a4cdb2952d7cd295639470a9ec2e75ce72b1f1ff94bae Loading...

	#63 Eval - 2fc4ddaa1c378ef0a54726e992c707d4	2 B	2023-03-07	2023-10-14
Pretty Observations First Seen2023-03-07 01:02:15 Last Seen2023-10-14 05:32:22 Times Seen169 Hash 2fc4ddaa1c378ef0a54726e992c707d4 97a02664f35ad0c9cbf2121dceebca2d7373e34a fce2551fcc23040870d151006816cc39d3831abff948dc646a2f6cb076e08ce0 Loading...

	#64 Eval - 180a30092c17bcb843787e11add73d75	70 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 180a30092c17bcb843787e11add73d75 6985d6ad424bd3bbd9b789ed31bb3d2f9a7f3ac0 dd8aedb66a99bb9aae55205b518fd40bf4c19f054c163c0f4f96766df6eb7706 Loading...

	#65 Eval - 2df9a7caf67b51bfd3fd49c563d69769	93 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 2df9a7caf67b51bfd3fd49c563d69769 a2ba5a1658aa35330418ed12150fef2988f6dc4a 6fbd3dce844a159e4b93dd5a6fbbd2e7a00cfe722832283ef36ccb1dbe06c898 Loading...

	#66 Eval - 778953cd8caee176b7829677b7296678	215 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:52 Times Seen1 Hash 778953cd8caee176b7829677b7296678 0af833d584931d0dc1d59b927576d076def6bab0 f1b32d2d48c2f386035d35b914521577752b1df8882f0dedb5d5cd220e502740 Loading...

	#67 Eval - 764abf394b01092b112b06c883490b79	262 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 764abf394b01092b112b06c883490b79 919bdece6ca7b6255ac30452104c22710f698bd3 4ae2961cedcd98b7fb8bf9d88822c88b196ed5dc2589074aa3bc91f6c5ff6546 Loading...

	#68 Eval - e358efa489f58062f10dd7316b65649e	1 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 12:02:51 Last Seen2024-04-19 10:35:57 Times Seen10972 Hash e358efa489f58062f10dd7316b65649e 8efd86fb78a56a5145ed7739dcb00c78581c5375 e3b98a4da31a127d4bde6e43033f66ba274cab0eb7eb1c70ec41402bf6273dd8 Loading...

	#69 Eval - 529db0d927b90d4cb76ecbc6a66edf5b	447 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 529db0d927b90d4cb76ecbc6a66edf5b 4a612f8ce495089c942f0a7c7dafe6f1cdab6cb4 e4613ea243f50beaa66b05b100c8e782cccddf26552d3e33f5ff1747cd6f5145 Loading...

	#70 Eval - 6e9eb21019a69367629de78418f15124	302 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 6e9eb21019a69367629de78418f15124 31b1e58388ceef43610dac5e6d8519f8d854ce19 55ccda437e67f9fe82ac72f79ec78b16ca4acac8da6072fef39cf17169363ce5 Loading...

	#71 Eval - bae3f90cb000352645e35fad60da411c	35 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 13:28:15 Times Seen52955 Hash bae3f90cb000352645e35fad60da411c 00023f94c170125b979cb1914925d06ab1abfbce 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12 Loading...

	#72 Eval - 8277e0910d750195b448797616e091ad	1 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-19 13:19:03 Times Seen8625 Hash 8277e0910d750195b448797616e091ad 3c363836cf4e16666669a25da280a1865c2d2874 18ac3e7343f016890c510e93f935261169d9e3f565436429830faf0934f4f8e4 Loading...

	#73 Eval - 92a870e23eaac7b3c576e91b807f2a60	2 B	2023-03-08	2023-06-11
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-06-11 03:25:31 Times Seen49 Hash 92a870e23eaac7b3c576e91b807f2a60 029a3fcb010f8f92628023b595f00551a85179ef 8f11221310ebce98d55424e769c823a68b011b7c41e8e226e61de37872b23cec Loading...

	#74 Eval - da16f2cb03094a7bacfd9c425df967dc	2 B	2023-03-07	2024-02-22
Pretty Observations First Seen2023-03-07 12:24:13 Last Seen2024-02-22 03:41:32 Times Seen537 Hash da16f2cb03094a7bacfd9c425df967dc faec254a2f9efc40011df583bc503ee48385ead2 83b598dd20fb3a6a1be61c266def83a15947973d6a63f5d2b92084d632cd9af3 Loading...

	#75 Eval - 825d935137af6698efa99e3dbeafc55d	142 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 825d935137af6698efa99e3dbeafc55d 86c776b7d9b6b2774c7cb795c2626cb05086f7ba bf4012fbf08dbc68a4d1ef087413e17f587990dee5b852eb07e6c35b35f0690f Loading...

	#76 Eval - 707354872d4e8210a2a573b99721b1fb	2 B	2023-03-08	2024-04-15
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2024-04-15 08:48:36 Times Seen243 Hash 707354872d4e8210a2a573b99721b1fb 1060274bc90076809718cff9566db8eaab1abfb5 9ee3b7c03a22b0ebb8995404573bbdb70305786bb8456f147ad26d463e4aef6c Loading...

	#77 Eval - bf2e0f38df2de923beb9dbf817f71616	931 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:52 Times Seen1 Hash bf2e0f38df2de923beb9dbf817f71616 bc610ff096df5eeb22d555f7a248d7028d967ac6 c5f749f20ba64b7b484c0a76f93d4b0445d50784569dfc2b2df1f400f04ea450 Loading...

	#78 Eval - 2a4ca1578690c0ab96c2ca25212d65f0	212 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 2a4ca1578690c0ab96c2ca25212d65f0 78c11b602fe01b5b8444672cdc98c6c0f64432ee 52a7f105b7d43961b11ae33cdaa3e8d15ddce279d5033ac740b4de92ab8fdb77 Loading...

	#79 Eval - b7f41b572ec7b594e20bbfa479856b38	194 B	2023-03-07	2023-03-18
Pretty Observations First Seen2023-03-07 01:02:15 Last Seen2023-03-18 04:22:56 Times Seen1 Hash b7f41b572ec7b594e20bbfa479856b38 fa479c73e85fd5cb563bdf256eea6204c1ffa5b8 23f010e071f4759be28de8b76acc566788f4c15db1fe7f6e4c020a63f139cfa3 Loading...

	#80 Eval - e421b4cbdb4eab6c4cb9a1c165486fca	130 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash e421b4cbdb4eab6c4cb9a1c165486fca fadab0693e83f1d76e54f2b5422a20b8602b7bcb eb4ab40da5b3983d4b859e6d245f3bd35dee333e456da062c338104be3bca7d1 Loading...

	#81 Eval - 2db95e8e1a9267b7a1188556b2013b33	1 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:15:12 Last Seen2024-04-18 15:43:24 Times Seen10559 Hash 2db95e8e1a9267b7a1188556b2013b33 07c342be6e560e7f43842e2e21b774e61d85f047 acac86c0e609ca906f632b0e2dacccb2b77d22b0621f20ebece1a4835b93f6f0 Loading...

	#82 Eval - 6a709cafbb79446cce05a8025bdf217c	126 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 6a709cafbb79446cce05a8025bdf217c 6387631a0c48164b9c0daca368565f4b429bd6e0 6dd903d60f05c8eedd2772a82abebc2e4725e5b2ec8f57c4fea4f09525e31772 Loading...

	#83 Eval - a6d4a731235f5eeb348105c6e3928c3f	606 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash a6d4a731235f5eeb348105c6e3928c3f de390ab0903e6b4c828a4b0f5dd449488e461178 15d123ac6b6f37e668d536a261aa1c57a4557b89cde3a85180197aa242d5f5b7 Loading...

	#84 Eval - 183d51cbe0803aa29830e6b447dd6a82	251 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 183d51cbe0803aa29830e6b447dd6a82 96ceafe5f93533a9d0ab01ce65e7aaff9da9c8bc e426c7d5d0d149ab9321fbc4f2a90815432a9cc912539f1004fa949205ae2413 Loading...

	#85 Eval - 343b2f4cc197f2143a6465f2912b681f	131 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 343b2f4cc197f2143a6465f2912b681f 372cec3cbf628bb4b064601ab562eadda78b5eae 0f71c59776dbfcc7bc90f9d018e9d94f6d1838fee0cccdb2575a5593c6551845 Loading...

	#86 Eval - 8abc024a4b47730174f67fd21c7542ed	76 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 8abc024a4b47730174f67fd21c7542ed 28f4dee701b318ff5fc1b8169ce9cb5c75010dd3 2932fdf1f26d1a9cbec1e1b1141fa55333d89721e962d44e0c59ec9bcd728274 Loading...

	#87 Eval - bd738389266e0d148278e5be82412f74	135 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash bd738389266e0d148278e5be82412f74 a54ad9a39847fce390eac96196b428bd116b2ec3 69c76cd8c1e6e0885870df8fc2ff82b0f5257167db6997c5b98ad9f0fb4f194b Loading...

	#88 Eval - 05b8c74cbd96fbf2de4c1a352702fbf4	6 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 13:28:15 Times Seen54198 Hash 05b8c74cbd96fbf2de4c1a352702fbf4 320ad267d8d969f285eda5c184f5455bd29c8c95 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba Loading...

	#89 Eval - a818fb9d785091b67348e2549125e6b5	79 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash a818fb9d785091b67348e2549125e6b5 f29fc102a4715b04eb6d171aa1648eb3b6c63068 3f85d61c8d440400478a69acab97077ca0e01321c56b9a619f1c4cb2c3d3dca3 Loading...

	#90 Eval - dabb1d1f3b754301d4eb0a7e5f6876df	324 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash dabb1d1f3b754301d4eb0a7e5f6876df fb7b75a9e4cd45131905ba44b3eb69145dcb543c 0b4771de986015e70ccdd2c30d8809373dcbaa813e799c3255106a16896df356 Loading...

	#91 Eval - 296bd53ca3618cb342ac8dca2454ac39	76 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 296bd53ca3618cb342ac8dca2454ac39 8e1c138934f742fe73844cc811ddb51a453ac649 2ec1981ba7597dd5d081cf2bc65a7d5e7388a574a4d5d594814f2f7620d512f4 Loading...

	#92 Eval - 73e4694e15560466c428aa998bc12bcb	2 B	2023-03-08	2024-04-04
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2024-04-04 19:56:30 Times Seen105 Hash 73e4694e15560466c428aa998bc12bcb 211bad317368f521692d298520c59a1343abf739 8370df5f5312d7ec30077ab0473a2c0b415f13a5c3cfed248a0f0164f20c26b4 Loading...

	#93 Eval - 669a0c8b6c675f199474785ef4cbb792	264 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 669a0c8b6c675f199474785ef4cbb792 a123397b265ef884defe3f6f9ca9a6e8d7d86e63 67ca898c21024b33c17cdec018e3d591ba8e49c599d31fb1883fc59a008eeb3b Loading...

	#94 Eval - f42f1aca76f73cb11a1ddfa76b105e39	69 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash f42f1aca76f73cb11a1ddfa76b105e39 3d09c05b8a26b166982bfbb3143d33e8351549ff 0235bb4d06b760d9f8e0a4c8c5c57dd933de922776024ee525bcbbfc02110cd8 Loading...

	#95 Eval - 046f0d1db97ccb93165e8d9064666e20	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 046f0d1db97ccb93165e8d9064666e20 557d480e57d2d7c20b83557efc22f1ca26fe8335 ecbd04215823a880af2e09648e16f1ffe4ca9183758f4f93be2e2109471c00b0 Loading...

	#96 Eval - 28dc5cdc45c527931886089ff67bd769	2 B	2023-03-08	2023-07-29
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-07-29 14:06:49 Times Seen242 Hash 28dc5cdc45c527931886089ff67bd769 b1c959ab8d5227efafb1f307196fbb650435901b fdbfc08753d32f6ed7f7e169ba9c7e9504fc2e46d243b683e049199067f6e3b7 Loading...

	#97 Eval - 79fc4e49be6f941740bcf78757be0450	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 79fc4e49be6f941740bcf78757be0450 232ac8af68b02c46c1dc42f00781c946e91182c3 0c4ff87f009adde675bc72970ca6239349111a90b0a2688333e110ccf7714fbc Loading...

	#98 Eval - bb33d975b61fa15342248b8f4f28d3b8	2 B	2023-03-08	2024-04-05
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2024-04-05 19:39:34 Times Seen225 Hash bb33d975b61fa15342248b8f4f28d3b8 6b1416bc79b4110c5d6d97572e9d35d88cfb69da b1cf5a2d2fa2998a4d9e0ebe249c6632ebd055c77fcc19fbb162ada321f8cd4e Loading...

	#99 Eval - fca981ada69ab84f715b0505b379efe5	145 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash fca981ada69ab84f715b0505b379efe5 60e513da1d65ae0278576ecae70fc9c324e405ed ff9f1f147c4b1731341866e4641c59e5d732345d3c394663725461a538a4c1fb Loading...

	#100 Eval - 25037ba6100799e4863bfa3db5850f81	96 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 25037ba6100799e4863bfa3db5850f81 7ebc263bfd5939f6f6e0e52225bf6d7bc27174f4 fcbba12cfb2aa274360670a9aabb5818c5e5eeb8ba816c9c3c6d853ed5f4c564 Loading...

	#101 Eval - 8f17cb23fd14ee882ebc5731eea09908	425 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 8f17cb23fd14ee882ebc5731eea09908 ec1d4759fcd6d74ae838d012303f412ce28b2df0 88ed1fc3551fe18a2288f229f80d726e8faa7f5f296e6cba48efeba4b5e75fab Loading...

	#102 Eval - deb1fdbb8b3456ba9a5cb9c38527829c	118 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash deb1fdbb8b3456ba9a5cb9c38527829c 75cb7408b694a11bcf0c94a3f6ea444c71f52e47 d467d8b0b1e512ab78971b28a77388b8b04c87cfeb4835fa118aaa5557458d0c Loading...

	#103 Eval - df5a4e5cbf4efc2b42c22800ff61814f	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash df5a4e5cbf4efc2b42c22800ff61814f 50d1119bfe8bd67049e0e3b2ce23d5ebd78aa219 4bdbeabac33ad5cfcfeaccc78402bb0b9b375252a89e87343069f5aecc9719fb Loading...

	#104 Eval - a3facf92a189a4c18e52b1a2d9b01dab	64 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash a3facf92a189a4c18e52b1a2d9b01dab b3f0cf2e40c4a6b8b56aa5b2eb5ed499ebe69d06 9a40aabaa6fbe83a3de4258f61dd2bf7010af4b1c7622cc811f314e8e54df956 Loading...

	#105 Eval - 9d0c63bb1849fe9358cfd669982d4aaf	115 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 9d0c63bb1849fe9358cfd669982d4aaf 82a061e3ea0ac85cf730bf561b11b6d5d4fa9630 3afba0da10eb42b3f858df3adae43e7ddc06c3493d84c6195d11a7ad9dba5460 Loading...

	#106 Eval - 4f3aefdffca4e26632fec65b8c9271ea	22 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 4f3aefdffca4e26632fec65b8c9271ea 73ced18d9069c1ffc56a4221faec8ab4fc753d2d 0da8282e9e7d98e3234521799dc88d68857d42ee5aaa5dfcda5b1bd4abd36e96 Loading...

	#107 Eval - b653cc1e5d6029ca0187d38b561f9218	82 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash b653cc1e5d6029ca0187d38b561f9218 9b89d3247f84ed0404e1292cb83ea22bb3c64675 444960c623ca206eeb1ad8331f10a2cf3f7f8ca522ad408fd3f582a758db6012 Loading...

	#108 Eval - 6722d6de03722896f53b7a41cb91e25a	213 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash 6722d6de03722896f53b7a41cb91e25a 3466545202c73ccc74c319f2d85fcfe120614ada 94b1c8067fbbcd2f7387a9d6db5b61150b114b064e33df2aabc4f2bd8a130879 Loading...

	#109 Eval - a5294b13a4212cdb5ce12ac094c02c3e	164 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash a5294b13a4212cdb5ce12ac094c02c3e b58eba10ad58773a830d810c3654b6903a3b4e9b 1dfe054c37a4d391f6d6271a369069b2a414d851ab949bd2a6b810c855f9b5f1 Loading...

	#110 Eval - 9891618d0a05c31c023d58e42c71871b	2 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 12:38:48 Last Seen2024-04-18 23:58:47 Times Seen758 Hash 9891618d0a05c31c023d58e42c71871b aba4644c6902b1386eca5c666d4b3c04d72c2d42 dc051b65e4406e62444d58c19675fe8688be6a90c5e622d40ff7b1795ffcc0f7 Loading...

	#111 Eval - 02254216324801a8211731781e7eb52e	2 B	2023-03-08	2024-03-08
Pretty Observations First Seen2023-03-08 09:58:53 Last Seen2024-03-08 23:19:35 Times Seen56 Hash 02254216324801a8211731781e7eb52e 29a6de2fd8618f31afb281a608c57995b7eb105d a6d3e418967763454165f7d985e0b24338dc580eeec4d619507dad8769edfd47 Loading...

	#112 Eval - d92eb8419f06d527b43dfd722d9ded38	162 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash d92eb8419f06d527b43dfd722d9ded38 ca03390e2e9e4c78141a1f20aed63e018c9ee8e3 eed2dd508a09c27244ec22635b3918c7d246e28a540b41577e30eff430616bc8 Loading...

	#113 Eval - 9bd8e41fda3a4f552186366134fe6813	356 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:54 Times Seen1 Hash 9bd8e41fda3a4f552186366134fe6813 5e64498425a01ae3d2071a027dd98307fc0c0131 21882c15efd5373be206e3621ff55158704c08f3a07d13e46e466520cad6a10e Loading...

	#114 Eval - ef2e66658b5809534b605acd75891d79	77 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 20:11:54 Last Seen2023-03-12 19:02:53 Times Seen1 Hash ef2e66658b5809534b605acd75891d79 9d5e8c170c1588dbcf962f0897a66f828dad7e32 b2994edff3b80e2ad0f99f00fbb7f638d8dc2f99b1f14d49ef1a40e579b29bb6 Loading...

	#115 Eval - 07eec273855b4b5c14c96f5e3d626951	40 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:20:17 Last Seen2023-03-08 20:29:10 Times Seen1 Hash 07eec273855b4b5c14c96f5e3d626951 a2f5b9378ffbe2ee20290f4bebef14abd8acdda2 33aeba7881d63fb9c452ace24086efdf2a4f618806aa1e746565c75c425f15ab Loading...

		Size	First Seen	Last Seen
	#1 Write - 5ebd950ffb850640de3bd9930be1ca61	40 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-08 20:29:49 Times Seen1 Hash 5ebd950ffb850640de3bd9930be1ca61 57d508097c569a99db278cfbc06a1136a1a486d1 6d1c292b42746beb0849c37a21367cfbbabb652add8dd80a270625e62d518bea Loading...

	#2 Write - 3cf4057e4baffcb0b59593edc4845d95	39 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 19:44:04 Last Seen2023-03-14 10:20:47 Times Seen1 Hash 3cf4057e4baffcb0b59593edc4845d95 45e631869a859ab94dc676bf76f71b06bfad8d55 bc043c6b4932d5cec461ed9056c492eab781f9dd648bf747faed0039f21db180 Loading...

HTTP Transactions (123)

URL IP Response Size

cfiprovidencia.com/ta/index.php?QBOT.zip

167.114.11.220

301 Moved Permanently

256 B

URL HTTP/1.1
cfiprovidencia.com/ta/index.php?QBOT.zip
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
256 B (256 bytes)
Hash
b16e4b5e88f90301c2a200a124dec5eb
5a62ac28a4b5d3ef3c1f62056e1ea00269ddb6b1
3526500c969a41adad0388ef2a53f95a85d7825f12f6d476aa0c48c7a1318d7a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/index.php?QBOT.zip HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 21:23:25 GMT
Server: Apache
Location: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Content-Length: 256
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3861
Expires: Tue, 06 Dec 2022 22:27:47 GMT
Date: Tue, 06 Dec 2022 21:23:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12248
Expires: Wed, 07 Dec 2022 00:47:34 GMT
Date: Tue, 06 Dec 2022 21:23:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5480
Cache-Control: max-age=139152
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:26 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 12:02:38 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1BUv7n44jmE32pZz8x5zRsiDu0lRWiYNuAR8Kt3ZXk7aY/BH8grEsIT7cYPTGsgXtjmEljLKkSgYTNJxjH3Yng==
x-amz-request-id: 6F2MSMVXTR9YR977
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 20:47:14 GMT
age: 2173
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 21:18:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 286
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:23:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 869
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2c775ceae5ed5d9f108a45e6882050e6
864d1fbe638284316f1c6525e9e9047f2434c6ab
e92b7a834888c577ccf70a2d8e1cc3a21053e4991d38cbaff5dbd789270f1e85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4321
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:27 GMT
Last-Modified: Tue, 06 Dec 2022 20:11:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Hind+Vadodara:400,500,600,700

142.250.74.106

200 OK

965 B

URL HTTP/2
fonts.googleapis.com/css?family=Hind+Vadodara:400,500,600,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
965 B (965 bytes)
Hash
f3ecb4943b4adaabe0093bd731542f03
b616e275a2cef2d812cb0cac4d7753a1b694be9c
fde63020211a3e52fc2e8b5b0b8d9dcf3dd4960c8b10c0f0f68ec9d2d30bca9a

HTTP Headers

GET /css?family=Hind+Vadodara:400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 21:23:27 GMT
date: Tue, 06 Dec 2022 21:23:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9/yc6gEU0yInzve6I4LrkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UdYpQu4G7mSUJ23tb1CM7+ZEGws=

cfiprovidencia.com/ta/images/banderas/iconColombia.png

167.114.11.220

404 Not Found

1.8 kB

URL HTTP/2
cfiprovidencia.com/ta/images/banderas/iconColombia.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
1.8 kB (1763 bytes)
Hash
e646b7d452778acfbcf059d83af1b1e5
d8bd0094525e573e7ab6d75262da95b004f9b4a5
4cd1de0743ffcabd7002e87178e517d6111133c78e814304323c20904baa011f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/banderas/iconColombia.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cfiprovidencia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 524974
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.youtube.com/s/player/ac058a09/www-player.css

216.58.207.206

200 OK

50 kB

URL HTTP/2
www.youtube.com/s/player/ac058a09/www-player.css
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
50 kB (49862 bytes)
Hash
5a5b8eb5d8a3df4b72089b611a5e7deb
9eb088fd709aba51fcc2261764df57ddb6df1498
3e06a6dbf24b719e85dac71b46a939a516c246dee204817e5aee68f580b83406

HTTP Headers

GET /s/player/ac058a09/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/FoZr0BboCBA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49862
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:00:52 GMT
expires: Tue, 05 Dec 2023 16:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 01:22:00 GMT
content-type: text/css
age: 105756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 430525
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 448965
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.youtube.com/s/player/ac058a09/www-embed-player.vflset/www-embed-player.js

216.58.207.206

200 OK

99 kB

URL HTTP/2
www.youtube.com/s/player/ac058a09/www-embed-player.vflset/www-embed-player.js
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (679)
Size
99 kB (99188 bytes)
Hash
f87416e031d065a607bd0ef62fc7b0c6
667338b85fa358e402b548e423a917f7495a2575
d837a92b57b61e18f1ef785093ebb065cc0b4ba588d6e609c4cfcb26763dc63d

HTTP Headers

GET /s/player/ac058a09/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/FoZr0BboCBA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:05:50 GMT
expires: Tue, 05 Dec 2023 16:05:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 01:22:00 GMT
content-type: text/javascript
age: 105458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.youtube.com/s/player/ac058a09/fetch-polyfill.vflset/fetch-polyfill.js

216.58.207.206

200 OK

2.8 kB

URL HTTP/2
www.youtube.com/s/player/ac058a09/fetch-polyfill.vflset/fetch-polyfill.js
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Size
2.8 kB (2786 bytes)
Hash
80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c

HTTP Headers

GET /s/player/ac058a09/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/FoZr0BboCBA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:05:50 GMT
expires: Tue, 05 Dec 2023 16:05:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 01:22:00 GMT
content-type: text/javascript
age: 105458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cfiprovidencia.com/ta/images/banderas/iconUsa.png

167.114.11.220

404 Not Found

30 kB

URL HTTP/2
cfiprovidencia.com/ta/images/banderas/iconUsa.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
30 kB (29645 bytes)
Hash
a5a3007e87864c012eca00deb8eefcbc
c71e9f8a28de649551f78bce6aee585aa261e9d3
063f1a22d290ec113ded12ff5ed35d568848fb84cc01fa2dd9299621c3c6539b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/banderas/iconUsa.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:27 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/js/jsfcrud.js

167.114.11.220

404 Not Found

30 kB

URL HTTP/2
cfiprovidencia.com/ta/js/jsfcrud.js
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
30 kB (29645 bytes)
Hash
53dc5517a619749c6df706258caba00b
824ec8e1abab17bb29fd49b0212c03ab86d26c86
4eed80073ed59feff641602a05a58e4f426cdb5fed923dc420685ff66ba792da

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/js/jsfcrud.js HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/banderas/iconColombia.png

167.114.11.220

404 Not Found

58 kB

URL HTTP/2
cfiprovidencia.com/ta/images/banderas/iconColombia.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (497)
Size
58 kB (58346 bytes)
Hash
9433874f959c5f58418f092948ca6994
e4681364701efe1abcc11483207e15deb127ef76
fc5f9d3c3c275000e6f226e013e6960373d997650824714e094b08c58d3d7822

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/banderas/iconColombia.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:27 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/js/efectoImagenFixed.js

167.114.11.220

404 Not Found

58 kB

URL HTTP/2
cfiprovidencia.com/ta/js/efectoImagenFixed.js
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (497)
Size
58 kB (58375 bytes)
Hash
9d109ffd1df0f34b62390a7d8f954794
e00c8f998cdca39c6a0bf33965eb2d7dd66ec50b
003169eaf4a7c2ae72f54a789c6dda0536d59cf5c69cb3ef04f90b1b185ea040

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/js/efectoImagenFixed.js HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
82dc811a8b106183fe1a3c92caca7a67
6f91d328a356a18d85a192a057f8bb0f12bd310d
618addad95581f04d48245ca12062d5b959e236b7fbf12d4966471abb4b1e834

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

216.58.207.234

200 OK

0 B

URL HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Dec 2022 21:23:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/logo/logoblanco.png

167.114.11.220

404 Not Found

17 kB

URL HTTP/2
cfiprovidencia.com/ta/images/logo/logoblanco.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
17 kB (17254 bytes)
Hash
8ae4cb71294d7e976bc442e08f9204a7
990e3ac22241541fd441e3dd674066d86df59e63
463cacbb98f8f9eb56dd19044a8d7cb159f4fafbea199f8b9343e5cd5bcca773

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/logo/logoblanco.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cfiprovidencia.com/ta/images/correo.jpg

167.114.11.220

404 Not Found

18 kB

URL HTTP/2
cfiprovidencia.com/ta/images/correo.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
18 kB (18545 bytes)
Hash
62e1030475fd1a53d72a5df38b884cb9
844258e7e9f5ef0c693465c07716d3c1156b739f
1b8993e9cbfa0c39612f5c8151d38a01c7c66d228aee52f667ae375cd1763ff0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/correo.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

www.youtube.com/s/player/ac058a09/player_ias.vflset/en_US/base.js

216.58.207.206

200 OK

14 kB

URL HTTP/2
www.youtube.com/s/player/ac058a09/player_ias.vflset/en_US/base.js
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35818)
Size
14 kB (14262 bytes)
Hash
511a3814cb1663e9d9286015da587ae2
a9ef6e40f17b2659c823195354e912a8979cc1a0
a2e4a4711f28ea423fdcadcced71bdf38e190b285fdde3fc9f11868ad8730375

HTTP Headers

GET /s/player/ac058a09/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/FoZr0BboCBA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 594613
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:01:09 GMT
expires: Tue, 05 Dec 2023 16:01:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 01:22:00 GMT
content-type: text/javascript
age: 105739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/es_ES/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/es_ES/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1684 bytes)
Hash
d12d84fff51a7f727d2d1cce6f5eb722
1396749d3c422724d52b800a07452e6d6aa0eed8
2147fbb529f7444e19aef2fe0b5f399f3c40ab910e55b593e11904a07909535b

HTTP Headers

GET /es_ES/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ecebeaada3c1d1d49973027b207e03dc
etag: "aba62e9fa3b56fa6025265c145f9f321"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Dec 2022 21:37:49 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 0S2E//Uaf3J9LRzOb163Ig==
x-fb-debug: 8gy2sA+lBJUay2r2Mhtsl4t2/2SMwBLSJffwS7qxQY5Z9YShDZSOF9vkvHYD4MwTAm/YrszXkOEKQx4MIDcovQ==
content-length: 1684
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

216.58.207.234

200 OK

31 kB

URL HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30786 bytes)
Hash
3b6e9a2745771c11fe6ebdb8b3258008
6ab91ce0b70184106531458948d555679515ce2c
c8531d2f221445ecbfe0d375f1ea5bafad3d6c9eb7f59836d99f7fb6ab42acf9

HTTP Headers

POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Dec 2022 21:23:29 GMT
server: ESF
cache-control: private
content-length: 30786
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/css/bootstrap.min.css

167.114.11.220

404 Not Found

30 kB

URL HTTP/2
cfiprovidencia.com/ta/css/bootstrap.min.css
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
30 kB (29644 bytes)
Hash
866a876a84f4988f4e6c8887aa31f801
ef60efa1ba3d094b83737ee080c4dced8f2817fe
28ecafb52dde9aa3856451c38d929c0796ea3290b7a06df0819180dae21889c5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/css/bootstrap.min.css HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
007f06d0a9f50d66be88b3ddf28ecd8b
214ecccda1994c59b0b4e19f05435cb482148e7f
14e4152570b9c55d6cb83965c52a4eb6048d7df7db6b892c770ab66f4700fb51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5154
Cache-Control: max-age=147099
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:15:08 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

yt3.ggpht.com/0k-LwrjbApkBfCHAeUvjsDE478jDeo6Cvh9WABAd4g6cShl0gplt0OSyUFLpSaM7gD8kY16I=s68-c-k-c0x00ffffff-no-rj

142.250.74.65

200 OK

2.4 kB

URL HTTP/2
yt3.ggpht.com/0k-LwrjbApkBfCHAeUvjsDE478jDeo6Cvh9WABAd4g6cShl0gplt0OSyUFLpSaM7gD8kY16I=s68-c-k-c0x00ffffff-no-rj
IP
142.250.74.65:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Size
2.4 kB (2370 bytes)
Hash
e678e17661133b7ce1fe0944b97c6461
b1cede147bca62fc8a8c89cc4fe76260e8522c4b
73697d107dfaf8b8cabe82c14626aa8e5f616609e9d9adc417ace1d4be8b80d1

HTTP Headers

GET /0k-LwrjbApkBfCHAeUvjsDE478jDeo6Cvh9WABAd4g6cShl0gplt0OSyUFLpSaM7gD8kY16I=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2370
x-xss-protection: 0
date: Tue, 06 Dec 2022 20:37:30 GMT
expires: Tue, 06 Dec 2022 17:40:25 GMT
cache-control: public, max-age=86400, no-transform
age: 2759
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.ytimg.com/vi_webp/FoZr0BboCBA/default.webp

142.250.74.118

200 OK

3.2 kB

URL HTTP/2
i.ytimg.com/vi_webp/FoZr0BboCBA/default.webp
IP
142.250.74.118:0
ASN
#15169 GOOGLE

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.2 kB (3186 bytes)
Hash
88f43258dd1ead8fdcda53bf3e2bac50
f907876798f647bc266498bbd4e545fb992ee708
94273d9fecfda30ab6fd58fa80de77500d6e844c4ee5dda1e894ec280508850c

HTTP Headers

GET /vi_webp/FoZr0BboCBA/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 3186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 21:23:29 GMT
expires: Tue, 06 Dec 2022 23:23:29 GMT
cache-control: public, max-age=7200
etag: "1523630981"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/banderas/iconUsa.png

167.114.11.220

404 Not Found

9.5 kB

URL HTTP/2
cfiprovidencia.com/ta/images/banderas/iconUsa.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
9.5 kB (9527 bytes)
Hash
8dd34e2b15f7a0d00e8e4427999e2624
f760c7221c0e028369d42fee1f4504e1b9bc5d53
06860f349e5421c93d4cf821fcc6cd054b3d69fcf8dcee3780d827120699535e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/banderas/iconUsa.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16018
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 21:23:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16018
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 21:23:29 GMT
Connection: keep-alive

cfiprovidencia.com/ta/images/cuadros2.png

167.114.11.220

404 Not Found

51 kB

URL HTTP/2
cfiprovidencia.com/ta/images/cuadros2.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
51 kB (50760 bytes)
Hash
eebd4a0a9700c2774c2578a795a83df4
6658f63ee23ad08e2fd8a5e67f6d35437ee17857
bb18c5c0581b1853f06ba072bfa8c21132a4f4d9bc4f89b9cd552caa61d66611

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/cuadros2.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16018
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 21:23:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 82820
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
007f06d0a9f50d66be88b3ddf28ecd8b
214ecccda1994c59b0b4e19f05435cb482148e7f
14e4152570b9c55d6cb83965c52a4eb6048d7df7db6b892c770ab66f4700fb51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 82867
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11469 bytes)
Hash
5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: El70-nSITf6MuEV19s_OMrwTcWIKO-u4JsghVUSzolero071AVGvjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:38:28 GMT
age: 85501
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/certificacionesCalidad.jpg

167.114.11.220

404 Not Found

23 kB

URL HTTP/2
cfiprovidencia.com/ta/images/certificacionesCalidad.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
23 kB (22684 bytes)
Hash
58deab0d34f075a400df538a0df1db43
1441603d67f9cd260d0d85adb341ddc057abc112
32e65799f33bc05eef152d68e3db3d7e907ab59a9575fdaea5d8b0b15df23156

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/certificacionesCalidad.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d0a4298298230aea5ddb15915a28de37
5a9a31ac970f2395aa12cd5038476d0f7ed42e10
1803a1821db5c4478725a6362f5dc7c8f4d4fce436b233e176ff793e5fc76cad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cfiprovidencia.com/ta/js/jquery.js

167.114.11.220

404 Not Found

40 kB

URL HTTP/2
cfiprovidencia.com/ta/js/jquery.js
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
data
Size
40 kB (40525 bytes)
Hash
c81dc95c7649a5ec5e356e92106ef8ca
cca46735fd2020744a7a374f5900409dc180b6c4
f4203ded5714f289a463b946a0ea6c0260e91838ed23d900468fb13dbfd8862a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/js/jquery.js HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

216.58.207.234

200 OK

0 B

URL HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Dec 2022 21:23:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

216.58.207.234

200 OK

110 B

URL HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
110 B (110 bytes)
Hash
5a4bc58bc423c1b50dd9eef934772870
312db4e62965fd33b22bb35b03af68f0bd543a2a
2ac04ffb675a99a5c6f516ee042f1a6d438d4afd73bcb989ead119b7d2eff129

HTTP Headers

POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1036
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Dec 2022 21:23:29 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/es_ES/sdk.js?hash=5fce3cb9af2a4fea3a2a3d818c0b4dc8

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/es_ES/sdk.js?hash=5fce3cb9af2a4fea3a2a3d818c0b4dc8
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (13192)
Size
87 kB (86957 bytes)
Hash
721a0b51620c83f0db626358db7d6005
6e15cf7755853d5715d610b4b92dea789c117b7e
e458b9068c895425a558058906a06f1ea2f998efa830c3db8d21c430d1aed0ca

HTTP Headers

GET /es_ES/sdk.js?hash=5fce3cb9af2a4fea3a2a3d818c0b4dc8 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cfiprovidencia.com
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fb5ab6ba4a769aea95e8fcbe5f1606eb
etag: "b7df8f9051be46930b791941b7e85a0e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 06 Dec 2023 19:31:07 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: choLUWIMg/DbYmNY231gBQ==
x-fb-debug: PKjvdHOclmuMRsdedC8wPoW7XZTz2bdV48tDMYrB97t1QaNh7fseP6yYB5hfSsc6K79XLHRCJQ6IRTZDjeJDYw==
priority: u=3,i
content-length: 86957
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6ec2b1ddb9a299f7e44b2e6828a6b70f
90bf37b7b639e5307872f99a125f6417605ccb94
50c886b34c97383e70094db590e24db64b324298b43c772a5b5f1ae372051220

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:23:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 17:50:57 GMT
Expires: Sun, 11 Dec 2022 17:50:56 GMT
Etag: "90bf37b7b639e5307872f99a125f6417605ccb94"
Cache-Control: max-age=418646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758153bced20b45-OSL

cfiprovidencia.com/ta/js/bootstrap.min.js

167.114.11.220

404 Not Found

110 kB

URL HTTP/2
cfiprovidencia.com/ta/js/bootstrap.min.js
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (497)
Size
110 kB (110473 bytes)
Hash
a511993688ab579439f594ce08db122d
5c7a0f483758315c99382c37c641c7184d2aafd1
3686c309e923254d187ef380e6bbaa6634e3dde9dcd18937be7f7ab4d0d22435

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/js/bootstrap.min.js HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

app.bluecaribu.com/ScriptMatic/style/launcher.chatbot.ss

54.236.131.203

200 OK

7.5 kB

URL HTTP/1.1
app.bluecaribu.com/ScriptMatic/style/launcher.chatbot.ss
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (7483), with no line terminators
Size
7.5 kB (7483 bytes)
Hash
313cbfec8be003e0b302ad5e32c76fe9
de5402f99f5f1ad194754d0a678998af65f6d243
f1d552ec5c1bf0484fd412f1edbe720cd77435756945f8117cdb0bc903c6e76b

HTTP Headers

GET /ScriptMatic/style/launcher.chatbot.ss HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/css;charset=UTF-8
Date: Tue, 06 Dec 2022 21:23:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Wed, 13 Jul 2022 09:16:59 GMT
Pragma: no-cache
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Set-Cookie: bluecaibu_session=tv8hhr35odho5ob2rhnn65dmdrm06fj3; expires=Wed, 07-Dec-2022 01:23:30 GMT; Max-Age=14400; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.1.33
Content-Length: 7483
Connection: keep-alive

app.bluecaribu.com/ScriptMatic/style/ws.launcher.ss

54.236.131.203

200 OK

4.5 kB

URL HTTP/1.1
app.bluecaribu.com/ScriptMatic/style/ws.launcher.ss
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (4490), with no line terminators
Size
4.5 kB (4490 bytes)
Hash
055484abc5e6a005e89a8da44b185840
b4d6562c9d1acdf38fded316f7856486d31da2d6
4b43a1b15ec3c343c3b363eb1fb3dbdb095c52c55dd1f5a59e4fb6d73c1583a8

HTTP Headers

GET /ScriptMatic/style/ws.launcher.ss HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/css;charset=UTF-8
Date: Tue, 06 Dec 2022 21:23:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Wed, 12 Jan 2022 11:48:05 GMT
Pragma: no-cache
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Set-Cookie: bluecaibu_session=75sc7gbrrpr1i862u9065q03e6knqraq; expires=Wed, 07-Dec-2022 01:23:30 GMT; Max-Age=14400; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.1.33
Content-Length: 4490
Connection: keep-alive

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

142.250.74.35

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
13 kB (13341 bytes)
Hash
49302c80b9e7d0f31725fd9f680efe4d
d1268a2724e2a46a0af9b2d4a8aad4fd77cc05d6
39c0901b90eced79804ca843aa0201e0110a0c55abdfd57baa3e35546ee7c0dc

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cfiprovidencia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:42:14 GMT
expires: Sun, 03 Dec 2023 14:42:14 GMT
cache-control: public, max-age=31536000
age: 283276
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

app.bluecaribu.com/app/views/V2/img/whatsapp/ws-logo-h.png

54.236.131.203

200 OK

7.2 kB

URL HTTP/1.1
app.bluecaribu.com/app/views/V2/img/whatsapp/ws-logo-h.png
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7247 bytes)
Hash
5326cf16eda767781844aecdb8d0facd
35c752431c9090c83dd5fecb865d9ee0fab176d2
65faff3cc8dbc6d72904280322ee8b6f1e5e8a7b53012379294b684028b8a5a9

HTTP Headers

GET /app/views/V2/img/whatsapp/ws-logo-h.png HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/png
Date: Tue, 06 Dec 2022 21:23:30 GMT
ETag: "1c4f-5d565559b8ab0"
Last-Modified: Wed, 12 Jan 2022 16:48:08 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Content-Length: 7247
Connection: keep-alive

app.bluecaribu.com/ScriptMatic/script/whatsapp.js

54.236.131.203

200 OK

18 kB

URL HTTP/1.1
app.bluecaribu.com/ScriptMatic/script/whatsapp.js
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (17797), with no line terminators
Size
18 kB (17822 bytes)
Hash
b55c625dccc1cc90242b0812ef6c96d5
f3dcc67714aa74ab4a5c2b0d9f0e9fbcf756a4c1
a1258b047cea65fccf3cb70b5abfc17318659df38e8a239b06b593ae3544e085

HTTP Headers

GET /ScriptMatic/script/whatsapp.js HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 06 Dec 2022 21:23:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Wed, 11 May 2022 12:18:38 GMT
Pragma: no-cache
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Set-Cookie: bluecaibu_session=a7b2nbj5in6v7ejkamo44osflo1ckjj9; expires=Wed, 07-Dec-2022 01:23:30 GMT; Max-Age=14400; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.1.33
transfer-encoding: chunked
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: max-age=88074
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:30 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:51:24 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/tinycolor.min.js

104.17.25.14

200 OK

4.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/tinycolor.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (14680)
Size
4.6 kB (4634 bytes)
Hash
83cb14e6d61d0c0154059ea63a4e5752
a0877c71732666f859715a0c911f560aa40d765c
61ccd9f3a09e4a6197fb9a61f308d1baf91a1108e63ac1eec725ab71954f6529

HTTP Headers

GET /ajax/libs/tinycolor/1.4.1/tinycolor.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 21:23:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 4634
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffd-3982"
last-modified: Mon, 04 May 2020 16:17:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 401180
expires: Sun, 26 Nov 2023 21:23:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqs4oEqLayl539PqHEPUrBFYLbAixSKCii%2BEH2x%2F1UqzhTqqhdabnP01T5kItyJ7g26UoEuR7iF4P64Rw%2BG5cPai%2BsHxwYm62r5kJAhi7%2FBPVUu0x3ei0BcFzpMD0ZJjAQp6xYRO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775815458babb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: max-age=88074
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:30 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:51:24 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

code.jquery.com/jquery-2.2.4.min.js

69.16.175.10

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-2.2.4.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32065)
Size
30 kB (29811 bytes)
Hash
82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215

HTTP Headers

GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 21:23:30 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670361810.dop017.sk1.t,1670361810.cds211.sk1.hn,1670361810.cds214.sk1.c
X-Firefox-Spdy: h2

www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250

31.13.72.36

200 OK

22 kB

URL HTTP/2
www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20137)
Size
22 kB (22214 bytes)
Hash
66c2b32eeaa49e62cbfe2f412467e0cc
46baf9f6e41c53c0c1ffd4ffd02ec22b4c487428
a2a99e67b9f334a1e895c2f2e8e2a0d41047523acf4f462d11d3c5f148fcaa3a

HTTP Headers

GET /v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33fd64522925%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: XLVCJJyN3ANClBzQxf+NCR1z7QGV99W6+Ikc2ExxfJIehM2ZTWKe/TwLGuE+cHcQ1njsSVMYJag23Eim9DDosA==
date: Tue, 06 Dec 2022 21:23:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500

31.13.72.36

200 OK

24 kB

URL HTTP/2
www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20494)
Size
24 kB (24532 bytes)
Hash
97fd720cdefed4dea315181626aeff0a
ac12b72c2e5a7aec563709217711b7543367ec96
b12c820893e207b74e8a4633f6be64a211a81e22527fc4e3dc59908e66a4ee0b

HTTP Headers

GET /v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f52b232d3c6%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff1804f7b969cef6%26relation%3Dparent.parent&container_width=486&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: AJZdA5jAgd8iqrEH+JOTQGKvMDv/nxuC0jNYfqlHHuGtUJ+GIAI3SL7He+sldcnQz6tHUbFQYu0uU+wAGHWGRw==
date: Tue, 06 Dec 2022 21:23:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

830 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (724)
Size
830 B (830 bytes)
Hash
d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d

HTTP Headers

GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 15:32:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: KXJN8lrki5yL3gkzZNmlm2Aa72min4K4juqQH540tx20GYGPkG5FzIsAbBTGj2R4nS974BGprxYpblGqaixX1g==
priority: u=3,i
content-length: 830
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

5.1 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4431)
Size
5.1 kB (5060 bytes)
Hash
54533a07b784a4e82f5a93d7d56c60a3
090ec48e7af4fcdf871cf9402b43c5d782bcb18f
26b48979519acdb0b5642959c5964cd7979918bfaacd4a8b63a795ceb36b259c

HTTP Headers

GET /rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Dec 2023 17:41:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VFM6B7eEpOgvWpPX1Wxgow==
x-fb-debug: 70LjdRAP6HkvKhF9n9dbDTqi0GDv76QhAV4tr4lFNYFbsaXwys1cf/doMAxyP8gnQU8RLurW9O6ChWpvjb+Vfw==
priority: u=3,i
content-length: 5060
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

app.bluecaribu.com/ScriptMatic/script/chatbot.js

54.236.131.203

200 OK

29 kB

URL HTTP/1.1
app.bluecaribu.com/ScriptMatic/script/chatbot.js
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (28607), with no line terminators
Size
29 kB (28614 bytes)
Hash
2c7536b47bc5139f9203678bcddc507d
eeb38ad742b607463cabfa8a5d5a3e06887e4a68
59fb31b289415a39b6ec379c1067225197f01d82a529082691758adcdff36ee5

HTTP Headers

GET /ScriptMatic/script/chatbot.js HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 06 Dec 2022 21:23:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 24 Oct 2022 15:27:04 GMT
Pragma: no-cache
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Set-Cookie: bluecaibu_session=inu3tcnjejebfpb2ndfijsj62jd6r49c; expires=Wed, 07-Dec-2022 01:23:30 GMT; Max-Age=14400; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.1.33
transfer-encoding: chunked
Connection: keep-alive

static.xx.fbcdn.net/rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

84 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18622)
Size
84 kB (84287 bytes)
Hash
cb7c783bcaa922e8b1c8c5c84aed650e
eb890c37176119f62e9f4b7ed26ddd25e1caadf0
cc37e5eb9c0f4114fbfe1f29bfa5dad286f940f9bc11de311d907a5dc17174b4

HTTP Headers

GET /rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 05 Dec 2023 22:37:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: y3x4O8qpIuixyMXISu1lDg==
x-fb-debug: UXRbinCQ0jCYpuFAL49nzTE6bFsXH1JwBy6nB0HiZrKc7/fhV2n3Jqtj5Ajf5ZOdohq6V4ItC00MC9IHTWy6rQ==
priority: u=2
content-length: 84287
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

1.8 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1984)
Size
1.8 kB (1847 bytes)
Hash
3eec5e9a11ba7da3a0f8cd0af8b4bdcb
462922ace2e24121fb02f42966abb8004b24c98c
92e829ebf854a5a759b0f718ea0f31b4870e1dbbd7f09e8c2e1cac0b21e6d69c

HTTP Headers

GET /rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 17:47:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PuxemhG6faOg+M0K+LS9yw==
x-fb-debug: NBMcg3HhaeYN36UeWhUniQQftYkPs9SBDvWKRZCaTKNc4rGO54UzpthVZTDcKygnlKRpJ/Slfvgqq8RVLetIGA==
priority: u=1,i
content-length: 1847
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

16 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (8741)
Size
16 kB (16232 bytes)
Hash
c92ef94e30a2dd9473fd9fe533472b73
97049e47de026939c75a885df9e8bb0fb56515ba
f2981c7109e60cf9f5a9e846a25800dbec20a923db028f310b6feb79415650bb

HTTP Headers

GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 16:05:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
x-fb-debug: wDsTlr8aZiOvVvXv/fhvZPJj0kaU7nWKo2BrLLKLGWDuUT2i+dju7G+ZqG/pXOk6JXxZwN+15wFpLBRmrMErxg==
content-length: 16232
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3iLA-4/yy/l/es_ES/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

8.3 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3iLA-4/yy/l/es_ES/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (2905)
Size
8.3 kB (8325 bytes)
Hash
a2c1717d7a2e7838a907d431122a71cd
77ec9ac4148202505bb55b537e5eea15d1000f10
8a9aac3fe81d4a8b69406d13c0f0784cf09a9a88b870055dae34b5d56b982a6c

HTTP Headers

GET /rsrc.php/v3iLA-4/yy/l/es_ES/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 14:47:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: osFxfXoueDipB9QxEipxzQ==
x-fb-debug: i3WeHnylBg9RCbdcCXQGWosvW1Sur8h55gvMPvyDV5HNCiPNZuHuRU5PFCIvG0tr/eclAWv5RMHebQ1AStQ7tw==
content-length: 8325
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yM/r/7aTLu0Wi8bl.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

8.9 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/7aTLu0Wi8bl.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (9898)
Size
8.9 kB (8896 bytes)
Hash
d0c5cc0af3ab5f174efddeab8ba6c539
b38871ec366764ca2e4fb4b9ff7758d93dde1548
396b9140fffadcc27247332d80fef3bc833962c113b1bdbb881465cacee39b97

HTTP Headers

GET /rsrc.php/v3/yM/r/7aTLu0Wi8bl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Dec 2023 17:37:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0MXMCvOrXxdO/d6ri6bFOQ==
x-fb-debug: b9zFPHqIpHLPc4Y6EHApXErs8ZYvzzbMJcd1mzpS1moq/b27iWeYp6/Rq8atwHIGfTb8U+oSRvWguKulk9wbGQ==
content-length: 8896
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

293 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (327)
Size
293 B (293 bytes)
Hash
2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8

HTTP Headers

GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 17:31:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: Mi8PL4H5E/9pfqNtwypCFzDPfDwBnFWxcncWkaAIuFBclGJ2QIRIBhpIZpm+YniwdTw6bhOZ0dIuQGY8KeTlVg==
priority: u=3,i
content-length: 293
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3iZsU4/yi/l/es_ES/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

23 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3iZsU4/yi/l/es_ES/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (42127)
Size
23 kB (23439 bytes)
Hash
d97b44bd29b191ae2da4efdf0522a40a
a8c459e6f3328386c4d72b6e04c05d3e8753e4ea
cdc4fcbfb2f68ed64803eccb4051d630b388357d3c168882c932413c38fb4252

HTTP Headers

GET /rsrc.php/v3iZsU4/yi/l/es_ES/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 16:42:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 2XtEvSmxka4tpO/fBSKkCg==
x-fb-debug: EREPUXUN8RFHnzr2rRCK9givLploELydw6kQm1rDuNKsIcMeUFUGQv3XfFJt9+AeYFNB9YoiC8NExqI7T45+ig==
priority: u=3,i
content-length: 23439
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

7.2 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4057)
Size
7.2 kB (7183 bytes)
Hash
72ce84f8c50139151a20bf5471e26955
ddb1cf4f30d5935149c5eb1cd2ab799002bd9c73
abee72daf709c744bfa59f68193be9899d5a80eb72874965dfa3ec373c861973

HTTP Headers

GET /rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 19:00:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cs6E+MUBORUaIL9UceJpVQ==
x-fb-debug: mx2jZo1rWki9ij4/YXmVJc85Cpe+pyppCQcW1gfgTZO1JWJ8RECeXp/VT7O5OloYfPMFXo2MZ56l8xyH4QErPQ==
content-length: 7183
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:30 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

108.157.217.47

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
108.157.217.47:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
14b134429c33d82d8be2ca2d852c461b
434f506a1b6b791573f097f06858105ef74220ea
a1b28da4676b78ee4564cc6c94eba11e3f52d1c9e213ec3161c3e99b17ef607a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151076
Date: Tue, 06 Dec 2022 21:23:31 GMT
Etag: "638f484f-1d7"
Expires: Thu, 08 Dec 2022 15:21:27 GMT
Last-Modified: Tue, 06 Dec 2022 13:49:03 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 d7969a7dfe0a063d186d3c72531d67be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: fQm6Qlj4MmwBqdbeSkgmxGjfNa5T6NYnZ_K1es2iYharYUgb1t5Lkw==
Age: 5544

www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670361810726

172.217.21.168

200 OK

53 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670361810726
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
53 kB (52881 bytes)
Hash
d38b2c8d4633d6621e1bae57066b021a
9311da57575e637ac7c5a8a5891e3300591f01bd
0ae7dcbe4deadceec3d6756ad121b727576e5d94e763522a010804f2f635918e

HTTP Headers

GET /gtag/js?id=AW-633734239&_=1670361810726 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 21:23:31 GMT
expires: Tue, 06 Dec 2022 21:23:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

app.bluecaribu.com/ScriptMatic/style/ws.widget.ss

54.236.131.203

200 OK

6.7 kB

URL HTTP/1.1
app.bluecaribu.com/ScriptMatic/style/ws.widget.ss
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (6656), with no line terminators
Size
6.7 kB (6656 bytes)
Hash
7afbe04f64bbc546cefaa52ff636ec17
698255cb8022978683fc57b8fbdd445075fde10b
1dca6dc00c99982743da053c61072fe32d4bdd93ff85eb22ac49fcd7dff14438

HTTP Headers

GET /ScriptMatic/style/ws.widget.ss HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/css;charset=UTF-8
Date: Tue, 06 Dec 2022 21:23:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Tue, 29 Mar 2022 09:49:33 GMT
Pragma: no-cache
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Set-Cookie: bluecaibu_session=avkpk0623clpf83aaqasupr24i6tsi3n; expires=Wed, 07-Dec-2022 01:23:31 GMT; Max-Age=14400; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.1.33
Content-Length: 6656
Connection: keep-alive

code.jquery.com/ui/1.12.1/jquery-ui.min.js

69.16.175.10

200 OK

68 kB

URL HTTP/2
code.jquery.com/ui/1.12.1/jquery-ui.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32073)
Size
68 kB (67751 bytes)
Hash
f0bace743f1df1ed27e2fe6611e39946
e5f42b8d964a6bf9962b8a5e68a2b7cdeb9e59e2
ff0566efdda39b480ab9871deddb3358906449518c2db3c105aa0b461c3c742d

HTTP Headers

GET /ui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 21:23:31 GMT
content-encoding: gzip
content-length: 67751
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3dee4"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670361811.dop017.sk1.t,1670361811.cds211.sk1.hn,1670361811.cds227.sk1.c
X-Firefox-Spdy: h2

app-blue-upload.s3.amazonaws.com/BOT/avatars/avatar24.png

54.231.130.129

200 OK

22 kB

URL HTTP/1.1
app-blue-upload.s3.amazonaws.com/BOT/avatars/avatar24.png
IP
54.231.130.129:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22121 bytes)
Hash
7b20b3ddc5083b03c6311e1ed6cd494b
6f3f6f27984fb3331198d3d11636062a37cb9286
07c046e3d4b5b2fb25c2557c5e7da9e0238a82eeb42336a6f999aa301e9cb251

HTTP Headers

GET /BOT/avatars/avatar24.png HTTP/1.1
Host: app-blue-upload.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: itfmVsw9Daz4kS/xgw5vYYZ6sSUfhVnr/VCQQ1tBKEf19FACzUsJkVbDD1UuB2j5AjKSm95l1U8=
x-amz-request-id: XGGJ4MCH6B8TM7CX
Date: Tue, 06 Dec 2022 21:23:32 GMT
Last-Modified: Mon, 08 Jun 2020 18:28:29 GMT
ETag: "7b20b3ddc5083b03c6311e1ed6cd494b"
x-amz-version-id: elVvpZhibhfhe6gL2cRZ0s_.GCllHHeW
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 22121

static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

31.13.72.12

200 OK

573 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
PNG image data, 13 x 39, 8-bit colormap, non-interlaced\012- data
Size
573 B (573 bytes)
Hash
d3b686ff6004b431d5019e4b51a8cc0d
34ec288bdcad2eada81c75960439bf60b95eb285
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

HTTP Headers

GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
expires: Wed, 29 Nov 2023 02:36:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: KOuKppL33c02M1Y0MFQKhsHwNA+m4fKy0OcSO/I1W4KfMPC9JtzzBtZtMKyRL3YeKkUropEgrZKbbf62kbcFYQ==
priority: u=3,i
content-length: 573
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:31 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y3/r/6J_QyvBL291.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

52 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y3/r/6J_QyvBL291.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (65400)
Size
52 kB (51750 bytes)
Hash
dce0bca3e535e4b69f560f734aff3ea9
d989bc6a21d67cc153c7c99fcd27347945cdfcc9
d5c088263c3cef9325694c4db0cb7fb497feb7ab7533e5e6bfdd4f1c2b9c64dd

HTTP Headers

GET /rsrc.php/v3/y3/r/6J_QyvBL291.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Dec 2023 15:52:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 3OC8o+U15LafVg9zSv8+qQ==
x-fb-debug: 825PXA6YdPLtv2Jfx3lnLFI8yBzVpSJvHAnXar7X1bhN/ysf0T7pp/92BOuxwt/vR6YMZgDTeft+Cet4rwG7eQ==
content-length: 51750
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:31 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/633734239/?random=1670361811162&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2552975175&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/633734239/?random=1670361811162&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2552975175&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/633734239/?random=1670361811162&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2552975175&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:23:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

app.bluecaribu.com/ScriptMatic/style/botv2.ss

54.236.131.203

200 OK

6.3 kB

URL HTTP/1.1
app.bluecaribu.com/ScriptMatic/style/botv2.ss
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (6307), with no line terminators
Size
6.3 kB (6307 bytes)
Hash
cd96f695ef1a5a04b0960125dafc9713
fd4eb87371687796588cf2e74b5233528354007e
457dbd60676d411c3f552f95da8a84208d6c571c674f44df33bd4dfa1501d4f6

HTTP Headers

GET /ScriptMatic/style/botv2.ss HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/css;charset=UTF-8
Date: Tue, 06 Dec 2022 21:23:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 13 Jun 2022 10:04:58 GMT
Pragma: no-cache
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Set-Cookie: bluecaibu_session=aliho9enc7vok5q3o6mt1bof37kvcrl9; expires=Wed, 07-Dec-2022 01:23:31 GMT; Max-Age=14400; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.1.33
Content-Length: 6307
Connection: keep-alive

app.bluecaribu.com/ScriptMatic/style/assets.ss

54.236.131.203

200 OK

5.3 kB

URL HTTP/1.1
app.bluecaribu.com/ScriptMatic/style/assets.ss
IP
54.236.131.203:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3599)
Size
5.3 kB (5291 bytes)
Hash
1899b3fb91437a06d4cd572753d6aca2
42d4bc99f3d9e075cf519b1cbf3292de560d74fd
f45658617808cda3ed19400f10cacaaa696d282e1504e2fec598bf69fe0a34a6

HTTP Headers

GET /ScriptMatic/style/assets.ss HTTP/1.1
Host: app.bluecaribu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Cookie: AWSELBCORS=65F7079B1A1F0A4E6F7C28D3DD0EA52136B74EC51A29DA4B1B4DEF009BCD684B5C6B706F168C159FD349064284486EB8384A783271EA67083C0F2D192A79502A69F45CA274
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/css;charset=UTF-8
Date: Tue, 06 Dec 2022 21:23:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: 1642006085 GMT
Pragma: no-cache
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33
Set-Cookie: bluecaibu_session=i2t8pqkfa9h76it10lsl01n9cdarm1fc; expires=Wed, 07-Dec-2022 01:23:31 GMT; Max-Age=14400; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.1.33
Content-Length: 5291
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:23:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

31.13.72.12

200 OK

1.3 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1315 bytes)
Hash
ac1e1c4d6f16359701b059ed4e8246b4
ff19b30a3b3d8d1765c239b25dbc98cb3263786a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

HTTP Headers

GET /rsrc.php/v3/yH/r/xgVgalBG80z.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rB4cTW8WNZcBsFntToJGtA==
expires: Tue, 28 Nov 2023 04:48:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: gtUOUJ0qV1JkjvyW1vQJnj+jw0KCoR/euac7tb9XRK4U+BHIPLFg6yrjgqGjEXgoZYIaIo3Yb0IwcKo2FtwlvQ==
priority: u=3,i
content-length: 1315
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:31 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

297 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
data
Size
297 B (297 bytes)
Hash
943be6d878d5cec339e4cc5317f9a274
f5625038c0b4cb41d844f46defe9e17c9f3eba80
2dddaaea623660f01ed0a42da019c7a1f15f967971e3f569973b5c954facb637

HTTP Headers

GET /rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
expires: Mon, 27 Nov 2023 04:44:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: ugJzGC48+20yKaNbDP+iAF4qZX7EzQUTb/R31ifCcfiBm1L3q4mcJJkZzAPatSK9N+8mjp1ITWzNc0cwqI/8hg==
priority: u=3,i
content-length: 198
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:23:31 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/logoBigbag.png

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/logoBigbag.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/logoBigbag.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/logo/ProtejerOficial.png

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/logo/ProtejerOficial.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/logo/ProtejerOficial.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/js/wow.js

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/js/wow.js
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/js/wow.js HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/categoriaIcfes.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/categoriaIcfes.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/categoriaIcfes.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/slider/sliderImagenExtAcaCFIP.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/slider/sliderImagenExtAcaCFIP.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/slider/sliderImagenExtAcaCFIP.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/logoProtejer.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/logoProtejer.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/logoProtejer.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/slider/videoCorto.mp4

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/slider/videoCorto.mp4
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/slider/videoCorto.mp4 HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:27 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/css/animate.css

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/css/animate.css
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/css/animate.css HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/slider/posterVideo.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/slider/posterVideo.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/slider/posterVideo.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/logo/logoOficial.png

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/logo/logoOficial.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/logo/logoOficial.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/css/head-stilos.css

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/css/head-stilos.css
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/css/head-stilos.css HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/slider/sliderImagenColegio.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/slider/sliderImagenColegio.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/slider/sliderImagenColegio.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/duolingo-logo.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/duolingo-logo.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/duolingo-logo.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/cuadros2.png

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/cuadros2.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/cuadros2.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:27 GMT
server: Apache
X-Firefox-Spdy: h2

unpkg.com/bootstrap-material-design@4.1.1/dist/css/bootstrap-material-design.min.css

104.16.126.175

200 OK

0 B

URL HTTP/2
unpkg.com/bootstrap-material-design@4.1.1/dist/css/bootstrap-material-design.min.css
IP
104.16.126.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap-material-design@4.1.1/dist/css/bootstrap-material-design.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cfiprovidencia.com
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 21:23:27 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jan 2018 14:37:41 GMT
etag: W/"6ae00-TDmIH9ntnxlp2o9g/Dhd3bTqORc"
via: 1.1 fly.io
fly-request-id: 01G4XM151M07WRP3D7P5N84N48-fra
cf-cache-status: HIT
age: 15805410
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77581530f907b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/css/normalize.css

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/css/normalize.css
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/css/normalize.css HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/slider/sliderEA.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/slider/sliderEA.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/slider/sliderEA.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/iconoCiudadEducativa.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/iconoCiudadEducativa.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/iconoCiudadEducativa.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/logo/prueba.png

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/logo/prueba.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/logo/prueba.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 21:23:27 GMT
date: Tue, 06 Dec 2022 21:23:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/css/footer-stilos.css

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/css/footer-stilos.css
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/css/footer-stilos.css HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/logo/logoOficial.png

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/logo/logoOficial.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/logo/logoOficial.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:27 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/index.php?QBOT.zip

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/index.php?QBOT.zip
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/index.php?QBOT.zip HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/slider/imagenTalleresCFIP.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/slider/imagenTalleresCFIP.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/slider/imagenTalleresCFIP.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/imagenUaotecLogo.png

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/imagenUaotecLogo.png
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/imagenUaotecLogo.png HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/css/dashboard.css

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/css/dashboard.css
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/css/dashboard.css HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

cfiprovidencia.com/ta/images/slider/CFIP-INTEP-DIPAZUCAR2.jpg

167.114.11.220

404 Not Found

0 B

URL HTTP/2
cfiprovidencia.com/ta/images/slider/CFIP-INTEP-DIPAZUCAR2.jpg
IP
167.114.11.220:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /ta/images/slider/CFIP-INTEP-DIPAZUCAR2.jpg HTTP/1.1
Host: cfiprovidencia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cfiprovidencia.com/ta/index.php?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 21:23:26 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (177)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations