urlquery - report: maestrosantamaria.com/sot.php?e=cor1.zip

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (8)	344	2020-12-02 08:52:13 UTC	2023-02-06 17:12:01 UTC	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2023-02-06 17:12:30 UTC	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2023-02-06 17:16:39 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2023-02-06 17:12:14 UTC	34.117.237.239
maestrosantamaria.com (13)	0	2021-06-22 15:07:45 UTC	2023-02-06 09:15:34 UTC	190.106.131.222	Unknown ranking
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2023-02-06 17:15:43 UTC	35.83.200.106
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2023-02-06 18:30:00 UTC	34.120.237.76

Scan Date	Severity	Indicator	Comment
2023-02-07	2	maestrosantamaria.com/wp-content/themes/astra/assets/css/minified/main.min. (...)	Malware
2023-02-07	2	maestrosantamaria.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Malware
2023-02-07	2	maestrosantamaria.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Malware
2023-02-07	2	maestrosantamaria.com/wp-content/astra-local-fonts/astra-local-fonts.css?ve (...)	Malware
2023-02-07	2	maestrosantamaria.com/wp-content/astra-local-fonts/roboto/KFOmCnqEu92Fr1Mu4 (...)	Malware
2023-02-07	2	maestrosantamaria.com/wp-content/astra-local-fonts/barlow-semi-condensed/wl (...)	Malware
2023-02-07	2	maestrosantamaria.com/wp-content/astra-local-fonts/barlow-semi-condensed/wl (...)	Malware
2023-02-07	2	maestrosantamaria.com/wp-content/uploads/2022/12/cropped-logo-maestro-192x1 (...)	Malware
2023-02-07	2	maestrosantamaria.com/wp-content/uploads/2022/12/cropped-logo-maestro-32x32.webp	Malware

Scan Date	Severity	Indicator	Comment
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed
2023-02-07	2	maestrosantamaria.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-02-17 19:46:17 +0000	0 - 2 - 3	maestrosantamaria.com/SOT.php?e=charts.zip	190.106.131.222
2023-02-09 16:34:33 +0000	0 - 0 - 2	maestrosantamaria.com/SOT.php?e=COR1.zip	190.106.131.222
2023-02-07 06:38:13 +0000	0 - 0 - 22	maestrosantamaria.com/sot.php?e=cor1.zip	190.106.131.222
2022-12-02 22:46:17 +0000	0 - 0 - 8	mail.sraguadevida.com/	190.106.131.222
2022-11-19 21:01:38 +0000	0 - 0 - 3	sraguadevida.com/eero/qakbot.zip	190.106.131.222

Date	UQ / IDS / BL	URL	IP
2023-03-22 17:32:09 +0000	0 - 1 - 1	dabate.com.ar/Files/Advanced%20IP%20Scanner%2 (...)	190.106.131.237
2023-03-21 10:10:18 +0000	0 - 0 - 31	endocirugia.com.ar/wp-includes/kl/linkedin_/l (...)	190.106.131.14
2023-02-17 19:46:17 +0000	0 - 2 - 3	maestrosantamaria.com/SOT.php?e=charts.zip	190.106.131.222
2023-02-14 16:30:24 +0000	6 - 0 - 35	recargates-onliness.republicaweb.net/Pluginss (...)	190.106.134.221
2023-02-09 16:34:33 +0000	0 - 0 - 2	maestrosantamaria.com/SOT.php?e=COR1.zip	190.106.131.222

Date	UQ / IDS / BL	URL	IP
2023-02-17 19:46:17 +0000	0 - 2 - 3	maestrosantamaria.com/SOT.php?e=charts.zip	190.106.131.222
2023-02-09 16:34:33 +0000	0 - 0 - 2	maestrosantamaria.com/SOT.php?e=COR1.zip	190.106.131.222
2023-02-07 06:38:13 +0000	0 - 0 - 22	maestrosantamaria.com/sot.php?e=cor1.zip	190.106.131.222

HTTP Transactions (32)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D" Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12907 Expires: Tue, 07 Feb 2023 10:13:09 GMT Date: Tue, 07 Feb 2023 06:38:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 565c1bbc5c1c40be1988b3bf6fd9dc1a Sha1: cfdba5bc597130461dd67bf6cda53183be592493 Sha256: 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4526 Expires: Tue, 07 Feb 2023 07:53:28 GMT Date: Tue, 07 Feb 2023 06:38:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: dca68db7aea32f6683ce8d542c078f04 Sha1: 19c495238df74fca680e21f18627ff94de5dd2e5 Sha256: 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD" Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20596 Expires: Tue, 07 Feb 2023 12:21:18 GMT Date: Tue, 07 Feb 2023 06:38:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cc14b0d2f7c451f6431dc87ba54d1d60 Sha1: bab8bfda6fa3e2f17125353f5147211787dc25d0 Sha256: b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 07 Feb 2023 06:36:30 GMT age: 92 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: bf0c602d32b3c14606f22a86183b5e3c Sha1: 6eabd8d83475eba731968abe1a05a8bfd272f160 Sha256: 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: PrScNYXu4DEMuU65N0VYCFtHcDU+NCujtxsuhbXJmkPZodrMtWJNpl5bIRl6kaXOFRjuLCs2Guc= x-amz-request-id: 4GAANDK8YH90N14T content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 07 Feb 2023 06:35:25 GMT age: 157 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: e76071a28ee566dababb3834f46d68ed Sha1: aebb4e68c1ba2de0f90025283e8ed8470944fde0 Sha256: 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 07 Feb 2023 06:38:02 GMT content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 07 Feb 2023 06:07:20 GMT age: 1843 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /sot.php?e=cor1.zip HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: maestrosantamaria.com/sot.php?e=cor1.zip FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: b67f12fd2384d9cc1e189d79f0cbe2db959b9586a345b6ae9da11c574a800a15 190.106.131.222 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Tue, 07 Feb 2023 06:38:02 GMT Server: Apache Location: https://maestrosantamaria.com/sot.php?e=cor1.zip Content-Length: 256 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 256 Md5: 5c82b4850aa7261fd02226efe4eb4f61 Sha1: e2c18e15ec4c4fa1f5cde4c0cdce39c8bd623d32 Sha256: b67f12fd2384d9cc1e189d79f0cbe2db959b9586a345b6ae9da11c574a800a15 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA" Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3537 Expires: Tue, 07 Feb 2023 07:37:00 GMT Date: Tue, 07 Feb 2023 06:38:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9b88bae61bca33aba8aa99f6128db8d9 Sha1: a07b61fb2458917699613fcae68710941b595416 Sha256: 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 4bUlLOmPF6y/K9Xu0yahCg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.83.200.106 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.83.200.106 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ai0Sas9JRNRC2kQUoTgBQdUgWy0= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6369 Expires: Tue, 07 Feb 2023 08:24:13 GMT Date: Tue, 07 Feb 2023 06:38:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68273225f74fbf7493f395610d7a73fc Sha1: 5a8779ef5656aeeba23b365aad60b7901c5dd7fc Sha256: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6369 Expires: Tue, 07 Feb 2023 08:24:13 GMT Date: Tue, 07 Feb 2023 06:38:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68273225f74fbf7493f395610d7a73fc Sha1: 5a8779ef5656aeeba23b365aad60b7901c5dd7fc Sha256: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6369 Expires: Tue, 07 Feb 2023 08:24:13 GMT Date: Tue, 07 Feb 2023 06:38:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68273225f74fbf7493f395610d7a73fc Sha1: 5a8779ef5656aeeba23b365aad60b7901c5dd7fc Sha256: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6369 Expires: Tue, 07 Feb 2023 08:24:13 GMT Date: Tue, 07 Feb 2023 06:38:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68273225f74fbf7493f395610d7a73fc Sha1: 5a8779ef5656aeeba23b365aad60b7901c5dd7fc Sha256: c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6316 x-amzn-requestid: 1988058c-5aee-4964-9046-83a5f14a927d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fwhjnFdxoAMFgpQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dce2e3-5ec35d0d6bef4d4944c629c0;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 10:33:07 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Z9b1A_GpinQXvbA-g2PoKhVSNVd5gMrId0WUTmKSCkg-YAan1dtp-w== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 22:21:35 GMT age: 29789 etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6316 Md5: c3cd20c6639e2b0d996fbbd7df2d4f47 Sha1: 2e54c22fb83981e2690161cd521e4fc3998e9c16 Sha256: 9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a32b5df8fd6bea737e04679d05e9f0cc645cbe6d799329877e78f9e994a6eff6 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12368 x-amzn-requestid: 218d5607-8914-4189-b54a-87800397fa67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmJ2aEYnIAMFWNg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8bcf5-0245bba8207cdf9a5a580299;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: GQtdjIY6JkJNL3UHzff9s4DOyG1f10BzA1-u9hTPjppunAlp-DL-IQ== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 01:38:45 GMT age: 17959 etag: "8c258ac6de196f8c32f1af69e7a754da0610b090" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12368 Md5: 08d66d83f1ae9acd6e442c4dcaed2a20 Sha1: 8c258ac6de196f8c32f1af69e7a754da0610b090 Sha256: a32b5df8fd6bea737e04679d05e9f0cc645cbe6d799329877e78f9e994a6eff6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7183 x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f78YOGsyoAMF5wA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5wy_7Z30HRIcZufSPCTKu9UoJD1o_NDlhuyL5bvidDwbqC_3p99yYA== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:44:57 GMT age: 31987 etag: "e6ff750f12836637adf5b253d64c2102fdf3c180" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7183 Md5: 92008e687831334af1cdbf4b8a57579f Sha1: e6ff750f12836637adf5b253d64c2102fdf3c180 Sha256: 39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3712 x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ftbOtH-lIAMF0xw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0 x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ws42XiDa6w4O13v7obhNXNfA0QQIv03RG0Ze0IPrKWxxvsvUY2eCVg== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:48:55 GMT age: 31749 etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3712 Md5: 0594f78c4fdfed5dd2e0666312555f40 Sha1: db903b9a3f387c1510170f8d16dd4d289f7df83f Sha256: 8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6384 x-amzn-requestid: 5f91a438-31d9-42ca-96b4-71344cc736c6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f77IcE2-oAMFbZA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e17235-1ce1ebfa4e9ae6053434c48d;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:41 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ee3lrCu0ZcpPQ-tQiF3j59bjY0W_zFOKl2H__y_twSGGESxmir3JHg== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:46:30 GMT age: 31894 etag: "7f016d87157a577e4ad4e4cf6c854a0489f8571a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6384 Md5: 88178e0f623494e30ece4da4eed04d60 Sha1: 7f016d87157a577e4ad4e4cf6c854a0489f8571a Sha256: e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4227 x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f77sTH4jIAMFnsQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:48:48 GMT age: 31756 etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4227 Md5: eedb4de12585c70ddb5b8f94fe6a59e2 Sha1: 83c9437e71a0a03b3e8ff652155a85eafa76cdda Sha256: d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /sot.php?e=cor1.zip HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: maestrosantamaria.com/sot.php?e=cor1.zip FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: 9e5db0d8ae832d14eba5c7ed1633497cbe8e0bd7f05da5eb7f525605c6ff383f 190.106.131.222 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Tue, 07 Feb 2023 06:38:04 GMT Server: Apache X-Powered-By: PHP/8.0.26 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://maestrosantamaria.com/index.php/wp-json/>; rel="https://api.w.org/" Content-Encoding: gzip Vary: Accept-Encoding,User-Agent Connection: keep-alive, Keep-Alive Keep-Alive: timeout=3, max=100 Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (45092), with CRLF, LF line terminators Size: 14053 Md5: f7cac996b927277d798a78f61cc3daed Sha1: 95d824cb4c24f60100b0f069c5cc8e2632a1a07d Sha256: 9e5db0d8ae832d14eba5c7ed1633497cbe8e0bd7f05da5eb7f525605c6ff383f Alerts: Blocklists: - quad9: Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/themes/astra/assets/cs (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: ba3d5a3d42ecb2692c10de1f2c68e752e84012b1129587416947f95d66c564b7 190.106.131.222 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Sat, 03 Dec 2022 04:05:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Connection: keep-alive, Keep-Alive Content-Length: 8030 Keep-Alive: timeout=3, max=100 --- Additional Info --- Magic: ASCII text, with very long lines (38452) Size: 8030 Md5: 9a7d874836bbf33583506399f4716657 Sha1: b63c47798f1da8e194df165c06d645b5d40acd7d Sha256: ba3d5a3d42ecb2692c10de1f2c68e752e84012b1129587416947f95d66c564b7 Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-includes/css/dist/block-librar (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc 190.106.131.222 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Tue, 13 Dec 2022 00:12:15 GMT Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Connection: keep-alive, Keep-Alive Content-Length: 12518 Keep-Alive: timeout=3, max=99 --- Additional Info --- Magic: ASCII text, with very long lines (47826) Size: 12518 Md5: 8fa87dd23394a22621248ec378d2af59 Sha1: 9305bc637a89b1700d7f56a19a80bd32b0feb2f7 Sha256: c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-includes/js/wp-emoji-release.m (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41 190.106.131.222 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Tue, 13 Dec 2022 00:12:21 GMT Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Connection: keep-alive, Keep-Alive Content-Length: 5009 Keep-Alive: timeout=3, max=100 --- Additional Info --- Magic: ASCII text, with very long lines (15660) Size: 5009 Md5: e6624e0b978e6ddba476be41aaaa82df Sha1: 822e920d8233072110ed7c8a7f379e5b13209b18 Sha256: dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41 Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-content/astra-local-fonts/astra-local-fonts.css?ver=3.9.4 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/astra-local-fonts/astr (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: f21b0193ba5ed29c0f97d83d85c4cf7b1a21a3c04ff743fdf732d4bf0fc620d9 190.106.131.222 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Sun, 04 Dec 2022 07:41:12 GMT Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Connection: keep-alive, Keep-Alive Content-Length: 682 Keep-Alive: timeout=3, max=100 --- Additional Info --- Magic: ASCII text Size: 682 Md5: 96ef668182e6753756f269f46336a861 Sha1: 60f8314a1157122e4cb6be2372464b59bb9e052a Sha256: f21b0193ba5ed29c0f97d83d85c4cf7b1a21a3c04ff743fdf732d4bf0fc620d9 Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-content/astra-local-fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/astra-local-fonts/robo (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 190.106.131.222 HTTP/1.1 200 OK Content-Type: font/woff2 Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Sun, 04 Dec 2022 07:41:12 GMT Accept-Ranges: bytes Content-Length: 15744 Connection: keep-alive, Keep-Alive Vary: User-Agent Keep-Alive: timeout=3, max=100 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-content/astra-local-fonts/barlow-semi-condensed/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/astra-local-fonts/barl (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: 4111fd22c33853faea503ad59f721eb23f99393cb4b5cd380f7ebc7bf14f7e17 190.106.131.222 HTTP/1.1 200 OK Content-Type: font/woff2 Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Sun, 04 Dec 2022 07:41:11 GMT Accept-Ranges: bytes Content-Length: 21952 Connection: keep-alive, Keep-Alive Vary: User-Agent Keep-Alive: timeout=3, max=100 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 21952, version 1.0\012- data Size: 21952 Md5: 3a6d65fc9c5637decd8871135fc97371 Sha1: 36dcc8cc63238987b20dcd866e936d7d10c81a5c Sha256: 4111fd22c33853faea503ad59f721eb23f99393cb4b5cd380f7ebc7bf14f7e17 Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/themes/astra/assets/js (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: 0ed1f9942a2eed5143794f12eb7c4fffcbbda3019bf486949bd487099ece14c0 190.106.131.222 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Sat, 03 Dec 2022 04:05:27 GMT Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Connection: keep-alive, Keep-Alive Content-Length: 4075 Keep-Alive: timeout=3, max=98 --- Additional Info --- Magic: ASCII text, with very long lines (16935), with no line terminators Size: 4075 Md5: 757a17fde44c92828cafe307b596ceb9 Sha1: 02059cf326b80b0e75e8854362978b11b0967afa Sha256: 0ed1f9942a2eed5143794f12eb7c4fffcbbda3019bf486949bd487099ece14c0 Alerts: Blocklists: - quad9: Sinkholed
GET /wp-content/uploads/2022/12/cropped-logo.png HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/uploads/2022/12/croppe (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: 03749b1bea470b799a18972af27e5355de5a12854483c68857d25974d695a67e 190.106.131.222 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Sun, 04 Dec 2022 07:18:31 GMT Accept-Ranges: bytes Content-Length: 18308 Connection: keep-alive, Keep-Alive Vary: User-Agent Keep-Alive: timeout=3, max=99 --- Additional Info --- Magic: PNG image data, 400 x 134, 8-bit/color RGBA, non-interlaced\012- data Size: 18308 Md5: 6f583b59376d108a8e48562dd4ed0224 Sha1: 699dc74e1a5b717aa62ef5c45e4a87f097682408 Sha256: 03749b1bea470b799a18972af27e5355de5a12854483c68857d25974d695a67e Alerts: Blocklists: - quad9: Sinkholed
GET /wp-content/astra-local-fonts/barlow-semi-condensed/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2 HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://maestrosantamaria.com/wp-content/astra-local-fonts/astra-local-fonts.css?ver=3.9.4 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/astra-local-fonts/barl (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: d9302cb5aec72de2f2ff0c475fd3b1518cca263f808bbbf63757c5812b5f8f9a 190.106.131.222 HTTP/1.1 200 OK Content-Type: font/woff2 Date: Tue, 07 Feb 2023 06:38:10 GMT Server: Apache Last-Modified: Sun, 04 Dec 2022 07:41:11 GMT Accept-Ranges: bytes Content-Length: 21308 Connection: keep-alive, Keep-Alive Vary: User-Agent Keep-Alive: timeout=3, max=99 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 21308, version 1.0\012- data Size: 21308 Md5: 1fbae0f241c04128e5567d5fd49bb2cb Sha1: 3ede311a6b1f69f51265b76a99154f549e6b3b22 Sha256: d9302cb5aec72de2f2ff0c475fd3b1518cca263f808bbbf63757c5812b5f8f9a Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-content/uploads/2022/12/cropped-logo-maestro-192x192.webp HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/uploads/2022/12/croppe (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: 57311109eba0190637c2791dc4fd04d8313dfec5a31f2919ae4708f886b3b8df 190.106.131.222 HTTP/1.1 200 OK Content-Type: image/webp Date: Tue, 07 Feb 2023 06:38:11 GMT Server: Apache Last-Modified: Sun, 04 Dec 2022 07:27:18 GMT Accept-Ranges: bytes Content-Length: 5334 Connection: keep-alive, Keep-Alive Vary: User-Agent Keep-Alive: timeout=3, max=99 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5334 Md5: 9f9341255f4d058182c7acacda2d50c3 Sha1: fd0205f8196d19b24fdab5cb6f420181efc269ef Sha256: 57311109eba0190637c2791dc4fd04d8313dfec5a31f2919ae4708f886b3b8df Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /wp-content/uploads/2022/12/cropped-logo-maestro-32x32.webp HTTP/1.1 Host: maestrosantamaria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://maestrosantamaria.com/sot.php?e=cor1.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: maestrosantamaria.com/wp-content/uploads/2022/12/croppe (...) FQDN: maestrosantamaria.com IP: 190.106.131.222 HASH: 11c6d54b961ec56b89391bdc627eb1bbebea02e3941ca0d0892cac3a6bb08040 190.106.131.222 HTTP/1.1 200 OK Content-Type: image/webp Date: Tue, 07 Feb 2023 06:38:11 GMT Server: Apache Last-Modified: Sun, 04 Dec 2022 07:27:18 GMT Accept-Ranges: bytes Content-Length: 250 Connection: keep-alive, Keep-Alive Vary: User-Agent Keep-Alive: timeout=3, max=98 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 250 Md5: c2cbc49ba05683dc3cee32e5b30d99d9 Sha1: a2418984d1cb0181a66c3b1a0c282d10dcad9125 Sha256: 11c6d54b961ec56b89391bdc627eb1bbebea02e3941ca0d0892cac3a6bb08040 Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed

URL	maestrosantamaria.com/sot.php?e=cor1.zip
IP	190.106.131.222 (Argentina)
ASN	#52236 G2K ARGENTINA S.A.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2023-02-07 06:38:13 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	22
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (7)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 190.106.131.222

Last 5 reports on ASN: G2K ARGENTINA S.A.

Last 3 reports on domain: maestrosantamaria.com

No other reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (32)

Overview

Domain Summary (7)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 190.106.131.222

Last 5 reports on ASN: G2K ARGENTINA S.A.

Last 3 reports on domain: maestrosantamaria.com

No other reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (32)

Network Intrusion Detection Systems