{"report_id":"a9753297-ad5a-4157-84db-84f5d60d2461","version":6,"status":"done","tags":[],"date":"2026-01-08T18:47:30Z","url":{"schema":"http","addr":"www.clubpromerica.com","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":0,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/login","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"title":"Club Promerica. Inicio de sesión","dom":{"size":165458,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22158)","md5":"c789c04e34333096e4efddf632b7854a","sha1":"8c6a5aee181dae70e498201f8b1c2d4c3afd104a","sha256":"326b992524ef2259042022c724118506a559bc3f445375489106343d4e7b3f43","sha512":"b334dbfc435734cc18731e2acb7a57110f658ea30abdcac2d646773a68c0d1875b47a21ca9efdbcc701cb4e7f69e8b994d1c149c3baa0d0e084fb7950c8a66ee","ssdeep":"3072:a1+245yJ6UN7tpjzJa0Fq/V39abo1Z0BXpRni:PIbo1CBXpRni","tlshash":"39f324b2c4f5a233066940d06db05b5abf83f743d58296817aac9bd46fe3d83de27148","dom_hash":"domhash44fda33d2f96645c3f1cd6af8c10cc19","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.clubpromerica.com","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":0,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-12T18:47:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-08T18:46:55Z","timestamp":1767898015,"ip_dst":{"addr":"40.87.70.95","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI","source":"{\"timestamp\":\"2026-01-08T18:46:55.262163+0000\",\"flow_id\":956128366107034,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.34\",\"src_port\":52078,\"dest_ip\":\"40.87.70.95\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063118,\"rev\":1,\"signature\":\"ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_20\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1102\"],\"mitre_technique_name\":[\"Web_Service\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_20\"]}},\"tls\":{\"sni\":\"cpregionalcoreapi-appsrv.azurewebsites.net\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":6727,\"start\":\"2026-01-08T18:46:55.072090+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.clubpromerica.com","ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"domain_registered":"2015-10-08","domain_rank":991785,"first_seen":"2019-05-17T23:19:17Z","last_seen":"2023-06-15T15:38:40Z","alert_count":215,"request_count":72,"received_data":2400703,"sent_data":70604,"comment":"","tags":null,"fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Dynatrace RUM","description":"Dynatrace RUM is a AI powered, full stack, automated real user monutoring platform built by Dynatrace.","website":"https://www.dynatrace.com/platform/real-user-monitoring","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["RUM"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Dynatrace","description":"Dynatrace is a technology company that produces a software intelligence platform based on artificial intelligence to monitor and optimise application performance and development, IT infrastructure, and user experience for businesses and government agencies throughout the world.","website":"https://www.dynatrace.com","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["Analytics"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"nopCommerce","description":"nopCommerce is an open-source ecommerce solution based on Microsoft's ASP​.NET Core framework and MS SQL Server 2012 (or higher) backend database.","website":"https://www.nopcommerce.com","common_platform_enumeration":"","icon":"nopCommerce.png","categories":["Ecommerce"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"jQuery UI:1.10.3","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cpregionalcoreapi-appsrv.azurewebsites.net","ip":{"addr":"40.87.70.95","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2012-01-24","domain_rank":0,"first_seen":"2025-07-17T02:42:15.398594Z","last_seen":"2025-07-17T02:42:15.398594Z","alert_count":0,"request_count":1,"received_data":2352,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":1,"received_data":996,"sent_data":506,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"prowebimages.blob.core.windows.net","ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"1995-08-10","domain_rank":0,"first_seen":"2020-09-03T19:20:55Z","last_seen":"2025-07-17T02:42:15.731776Z","alert_count":0,"request_count":17,"received_data":7654036,"sent_data":8523,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"connect.facebook.net","ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"domain_registered":"2004-04-01","domain_rank":1088,"first_seen":"2012-05-22T02:51:28Z","last_seen":"2026-01-08T13:30:56.732857Z","alert_count":0,"request_count":1,"received_data":359201,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":3,"received_data":151239,"sent_data":1776,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-01-04T22:18:41.67311Z","alert_count":0,"request_count":3,"received_data":987128,"sent_data":1340,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-01-04T22:24:34.159986Z","alert_count":0,"request_count":3,"received_data":3257,"sent_data":3006,"comment":"","tags":null,"fingerprints":null},{"fqdn":"googleads.g.doubleclick.net","ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1996-01-16","domain_rank":252,"first_seen":"2012-05-21T07:15:40Z","last_seen":"2026-01-02T11:09:56.896912Z","alert_count":0,"request_count":1,"received_data":759,"sent_data":1152,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":2,"received_data":17643,"sent_data":984,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery.validate.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ae48ca4487c449ca44008a526d8e1b5","sha1":"62a44936064dd698ef8df566a2a719058af3df54","sha256":"50cd8ccee296642df49a416de8da7c181371565eee04178a9fedb725b15bc5da","sha512":"b22e1b37e95af931c31db2e8a4a7bb18ecaf25140c5d09e6913ca4c9c7120010172a5acc0b9e1ce16ed030b3b171d8ab343f6ce21c6cae128dcfa6a02a714a9b","ssdeep":"384:lLY2OXyp7Lm+dmr9qhk0XuExz9Bcd1Jny+0xC7WpdOC8PGDm9KLNKI9ci9sk:lBfXdmr990ekpqJny+UO798NBc8Z","tlshash":"a6a2c94d7182b0465b9620f5a45b960bb2f259b8600ce03cb5f8d4d2bdf8fc951a7fb8","size":21873,"data":"","first_seen":"2023-04-06T21:54:39Z","last_seen":"2026-06-09T19:56:01.873238Z","times_seen":229,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-ui-1.10.3.custom.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3dde0f1e2ec9d563ee17524aeed7b1df","sha1":"40167829fa08e20c9996f764871d3d81fee0a941","sha256":"672493ffdd244da63aae11625f20792e05aa2b42efda879760ef7add340eb950","sha512":"f52c0694034ede05a2c297b11c93d541a37b3eb4c011e03f0a392717bd1faaa04ed2b4fdf7e855130184fd1ac6df36e37cd3fe053768db66e630906cd4f3eaf2","ssdeep":"3072:mTHQDWyMcDtOFOFKjax4Uja+03+TpB0FQodXO67uWm21q:mrcW1COcIO9a+NTpCFQyw","tlshash":"6c24f84d72413636a1efe2a5103b2a0fa237655da605805cb03cc9ee9e7dd4431bbf7a","size":228144,"data":"","first_seen":"2023-03-08T00:10:25Z","last_seen":"2026-06-09T19:56:01.864891Z","times_seen":565,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.core.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2b6d5f16e40205d05489b4fda3625fc","sha1":"526634c8a7867287608950ac73ee37b97105202d","sha256":"4496d92d313fa13f314d147fa42b9cddccf4a061289e6b4a17692b9291acee53","sha512":"d314bedc60137e27b4ecc3ac539f843abcbcf76f429db0270732ffb225a503bb2345eeb3ccc51dd180e435f2231e2a84ec0ad0566119ca229b117472f1a25b1f","ssdeep":"768:5H+p/wZtZ0/8+79JtHeYNLpImgwCQYy0j50:Nc/OZd+79zHNLee0i","tlshash":"f1131ad976c2b46383a71165407f110ab23a8a566c4d4420f668ece1bd74c6f927ffbc","size":44330,"data":"","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-06-04T16:53:24.588218Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/swipeEvents.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a6043dd92bd664c2146ded8831f737d","sha1":"9d841c50cde3d73f5ca6a0b78bdc6f0f7639d9b3","sha256":"2783f88a6dc2c601a55898d98b76d6b9a865ef2a598b5ee8dee39134dc23faae","sha512":"0a48f4bb6bfd5bc77fafc5f5ea4ba77000c14e41dabff6f9b7cacfac0550f2b30e9dae3ff0a8d82cebd05df42a052af800a73cfd603720fe5b7ba0a356eb3c4e","ssdeep":"","tlshash":"4d219c24936451f4976fa1b1da57cd54703824aea243c9f4491dc8ea4c3843c89f9eac","size":1305,"data":"","first_seen":"2023-03-07T12:57:41Z","last_seen":"2026-06-04T16:53:24.677089Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Scripts/ProductRibbons.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"19a299aef303bb834c4f923117236ca3","sha1":"58889eeadac240fdafc359ea928b6e75ed0825ac","sha256":"3639180e9fcc23f092494b476605c05609049de04b19b261cd413659b8285364","sha512":"4aadb0a68421c08db1ec9e785f0180bad72aef683de5a0a91a562c1a3f256f8a3f50852f1a6467b6c62f60932a84185bfe6b0cc2b240b9f6d60adf60360e0f5a","ssdeep":"","tlshash":"af41edcce2bc11a5809714f8705f25cabda2ac1e58e74dc5480bf14a1891e5ea338c9d","size":2380,"data":"","first_seen":"2023-03-14T06:03:28Z","last_seen":"2026-05-12T03:33:01.831203Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/ruxitagentjs_ICANVfgqru_10327251022105625.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"03fa71a1cf8ec7040d1fa1c672f93a9d","sha1":"d01306070c6d04a331b671074e0a7228457fd249","sha256":"0c796a7884170d8fa0e5100de60dc2272ad05a9a0b436f15d9766bb27c8243ae","sha512":"00856b036edc1d0619f5660c1f7c95d294449b9c97a6386620cadc0bb1ca1a698c6d224f6b0ccc471984e22031cd9087979b06e5fd18115833a6398882d16694","ssdeep":"3072:japP/GJe7FoVdzvkN33PXzO4qKwaINhayzByuVtjg:8P/GJJdzsN33PzO4kNbzByEjg","tlshash":"d6043a99b71270668b9711b950bf020bf3b86d94984c8498d195f8e83d74efe42f7f28","size":189881,"data":"","first_seen":"2026-01-08T18:47:47.225462Z","last_seen":"2026-05-11T13:54:57.820089Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.InstantSearch/Scripts/InstantSearch.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"83192482fc9c946450290cdcfebd5bb0","sha1":"72b0cb8adc9d7616381063834c9214e4fe97b03e","sha256":"18e14dc988b337b28449889c250a9fc92f7a8413e121a45c81c3faccab6ade73","sha512":"82b8773248016440b6494dd89cfb0aff0462163ef91ff9f21c78e23a43eedb3de75208a2caa0278a4d350192ebf794810c55a93f1e740902969e45f4cd91e83e","ssdeep":"","tlshash":"a651522f7a4410985d7f52b7488b7f0a73b27a718f110e69827dc8a07827eea151b707","size":2525,"data":"","first_seen":"2025-07-01T11:36:50.134783Z","last_seen":"2026-05-12T03:33:01.83604Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Scripts/jquery.json-2.4.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6ec8daaae10608b00f8c8661d97aab8","sha1":"4e87c12ca2324a181a60ca1bb0feeb1eafdd3770","sha256":"e1681eeae950bd905e159723b28b06b3c6055806a4877c80420ff2950a88cd3c","sha512":"e47ac17cccd176e0f80be0721d36777d4bf1e3ef7840c3bddc49ab3b655977cf5b160321e858983f11d1ba4f7b47670726974d5234f1c428325cbc0ad0771e21","ssdeep":"","tlshash":"e041889b32c2310600f775950407791a6e19cb10f1bc555ccaf982fdaf95d8bd02ee79","size":2281,"data":"","first_seen":"2023-03-14T09:38:34Z","last_seen":"2026-05-30T19:01:41.554879Z","times_seen":108,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Scripts/nivo/jquery.nivo.slider.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"40e45ecb07eda8ef6c157ab6970f9df4","sha1":"bef36c2e27521277ef66bf3893ee1f513785d4ff","sha256":"d05c6a9d5d907f8191e106b8eff806c801d996b0997ac3a091f18cb4374fcfc9","sha512":"4c23fa1bfe32b4cacc95a337a51a2d99d2564b5627b804d712adb286faf3d2f6f24bf2229aa4ba63d5a959820b6b4d7c151a013405174815b1e24e632d476e5d","ssdeep":"192:TgM/zDfBzxP+sJzRDIBOdSUbv4YcFNYcZ3yOiekKjoH1VrqjoHqVrc5ap7jacCTH:0M/P+0zE1NWMVoIxf2Ztat8VveCrR5","tlshash":"5ed2200eb16119a5d9f2327abf2e8908debb52131512cb34bcfc024d5fb50849667fe9","size":30318,"data":"","first_seen":"2023-03-12T23:34:05Z","last_seen":"2026-06-04T16:53:24.582577Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1b6171acefade031917414eddf401c46","sha1":"53153e1b8665cff7134eab49ce7384d586159aaf","sha256":"d990eec5a23d864c3563a1f769de2bfab6975f7510b6f56fe4aa9290d46e9720","sha512":"18fe5a132ba1b5cc1c73f27cafa249af1cc726a985c099432a0cf287a3a7dcc8a978b3573cb317ec5bfb5a6ad62f6c23e4b6149b7f4eb8cb6231edc3719fd4f6","ssdeep":"","tlshash":"7dc04c89221b4c7155a62a454b6fb604b05a2262989159217a1e63445f21d17d794854","size":175,"data":"","first_seen":"2026-01-08T18:47:47.28977Z","last_seen":"2026-04-13T00:21:38.981076Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WKJR4G6G","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c120c18098013bac921a431d2f79382","sha1":"2e8a97b50ebbd27987bf27e40307b5a8bd5b218e","sha256":"be612584c324aec7daca9565b5b474e56ca61c84c026d838ecc718388296db16","sha512":"42c9cafeb5f6b6af7b196cb79b312784908b931e3109c83fee3b90d74cd735da054b09c297a4459e4376d2c3b0dd6174b9732d30a099c82113b715f1b24a85de","ssdeep":"6144:9rVrf0o6qWro03izhJ3kc1/po7YAOTkx7gjQiTV4N:xyqLOi19xTkvN","tlshash":"a78429cdb3c6746693a3a478503f118ba57b6991f44cc895f186cce42e74aaa0237f7c","size":385195,"data":"","first_seen":"2026-01-08T18:47:47.231702Z","last_seen":"2026-01-08T18:47:47.231702Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"f1789492afa3b7f642eb383f4ef9ff7e","sha1":"4dd5cf01c250eb5e7f0d77c3c27b06c3b858946b","sha256":"5d51bd43be6dbbe7558c7ea4aa36eb5df3fe25993e0ef682b2e095e1de909598","sha512":"f744d9ae662ff4a89c06e9a890876c85b89fac158f8b69e40fe74582319faaf78a1886ec1f122c03b2ceef0f1c16801dee276e09b323178cde97eb92c870fcae","ssdeep":"","tlshash":"668004d4f0c3704053171154007f5cc55135443014044d404005f4513c55430411745c","size":35,"data":"","first_seen":"2023-04-18T19:26:31Z","last_seen":"2026-06-09T17:31:57.564458Z","times_seen":455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/fbevents.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbe14db0b80ce59d649046e1c8e9a6c6","sha1":"d88d61f179bd9bb989cd3003977ec8f3f1585ed3","sha256":"7ee642ece119235be6a2df7147e6265c85594b51630db07bb7fefdf03810cc36","sha512":"dae1e77ff5710bee64096032dd7da012132b8f8bda1b7a35d215bee1b0ae94716443cc36570a46219ba377364c1433fa1317f0cc7bcb238a32961a8e416eddbd","ssdeep":"6144:x7gA2fwVLQyB5Qb2qlXorxUXGRtThLydO5vBmK:QgDQ38bIK","tlshash":"ff74b6c970e2b0a207b675ac566f9007b2bbd5a538ccc920e95cedc86d7c49e4133e76","size":354310,"data":"","first_seen":"2025-12-17T04:39:36.429427Z","last_seen":"2026-06-06T11:35:15.734387Z","times_seen":810,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-migrate-1.2.1.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"512b871a2830e44259bc3ce3343afcd0","sha1":"875bce76a77590c3c438bbc6e014b39c23c8c88d","sha256":"c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c","sha512":"7c31817254b71d4cac10120aa2829614311658e468036d27eb43b063b392620c4611ec3db3b3600da3e48fb82a41c5579c048fbd9022156f038b2b6cb5d946b5","ssdeep":"96:tBnSz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:znSzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"27e186dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","size":7200,"data":"","first_seen":"2023-03-07T01:10:34Z","last_seen":"2026-06-11T00:59:07.193221Z","times_seen":6488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.autocomplete.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a907183e906a3b367ca9eae8099a8bbc","sha1":"753bd6fc726d556b33f3db40111e1b517e781bfc","sha256":"4aeac08e54655a48878ffb5cec08dbfda72c4f60098e573f6d656c114b3d5f21","sha512":"847ac967600f20f08d8b1bda646a8fa62c80828412bfef509cbfce2e7ac79a6165cc90f183903359e39ba15203fa10145790d8df1ea665c22407daf102a24a20","ssdeep":"96:WS9VzsimxykdTtajWyB2BM83uym6PeWu3eI38iUxpledBnqe:WSrzJmV4jkTuN62Wc2uhD","tlshash":"5de1c68a72817b4682fb20f1123f540d333629659a0945a0b126d5ca3a39ec97377ebf","size":6894,"data":"","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.915338Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.list.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d66451f0f4e67bbd66568a225dda476b","sha1":"d93a9235b74979a528b9004f3aa0f14be223c0b5","sha256":"4a86b246649930140be8736e47984eac1932279365df19d41a6ee7f8cf26d3cd","sha512":"6f83d07918521a9367efffbecfd0af81775d42d89976936b9fbad68c30c4d06197de4ed046cef1d123dac78f52fbb89aa1d2502caaee6910cedabb4463fc22f7","ssdeep":"192:WS9uk/RYoQ2fDv69tIaLnCeeQr6vUU6KOQxHi/Hsxy6WA+dUtDmowKD:593/RlQ2fDvQtIECSQUUyQ1iPz6eqt5/","tlshash":"0c42b789b1c4b12592ef20f256ff68092337794c591a84f0b126c6d62e34e8db357e2f","size":12055,"data":"","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.936412Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"95b1543e38006c066008f55d552b7749","sha1":"6e17e565fee56fedb482015a0da28b163cae47fb","sha256":"5b03172d8dc433b6d41a9899d479362a2bba989522365bd39dae689af3dcd877","sha512":"54b22ed00b1f888e16739963fef8d9621b3db5b7216046d1fccc113cf2726f2bd807e302968a035c939c728c078bc9f7edac3107729837f307f7d4748103ee88","ssdeep":"","tlshash":"02f0ab9b75da14342d8ba07a5b6c8e283512325ab0444033bcfc88352f496ae0d66bec","size":534,"data":"","first_seen":"2026-01-08T18:47:47.291442Z","last_seen":"2026-04-13T00:21:38.981916Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b53b32b08e13359743d129972dd68a64","sha1":"9468d7ee55c57502c95bf7ce57b3ad72ad5264b5","sha256":"7ea0032c1f42803c124aeff71218bece125762947c034d0683e5326709750bbb","sha512":"3fe6e602fc1354a67d1da3a3632a6fc5d0992e1a3d349deff2c49cfe6edcce2ce2afe4cff9babe20e786897b4e3ae9792ad28ff31730c5bf59010b1a09fb007c","ssdeep":"","tlshash":"eae0a72de0f752e1003ba22c2b57b90a5d3535b7b5209d54b91d8d446f17f7145e1701","size":338,"data":"","first_seen":"2026-01-08T18:47:47.292246Z","last_seen":"2026-03-06T07:57:19.204088Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Scripts/AnywhereSliders.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b45def183c4e0efb52b86e47c88cd5e","sha1":"027b093b365c94469307839d207112d420ef33bb","sha256":"76e73adf37b3bcb7b11c7c7ad2efb2d671cc43cab34164a5a8e96dffc95c468c","sha512":"a125cc65e5cc334bdb9e12dc3c58f553834eb929c89db72a7d82ad8c597db0558cdd4f5b483a1dc8a01701926a8aa2306a39f79ede2fe4306800c4597c08a2c0","ssdeep":"96:VKPO0+w+6ixMfrYcYWbFWbU8kJTFP5NEeV54H:MPO0+BufrVYWZWPQ53VU","tlshash":"adc1bb6eb6805461987713b15a3e8808e6ece4770041ca6abdff69849f758082e17fcf","size":5791,"data":"","first_seen":"2023-03-14T06:03:28Z","last_seen":"2026-05-12T03:33:01.872185Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/UtilsJs/utils-js.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d55eb1bea2a0023a39b61198d398c2f2","sha1":"f9edd19d68a67b18c359e0c3253d84edcd6d4d82","sha256":"b0bdbc9aa0406f5d7cf97dbfa42d766e16899ed1ee60d707ed4484b9311a6ea7","sha512":"cade20c89c1b5894374c8e40626eac5add63b6e5b7b713d4d1b7b0e56788888d5156afd51b961c55096068f1e7b2012ad631603c35fe0d95bf552fa107ba41cc","ssdeep":"","tlshash":"d9414a5b719226f486bb777f1b63864af83000ab88046200bcdc1e607fb4d5993b9fe0","size":1937,"data":"","first_seen":"2026-01-08T18:47:47.242091Z","last_seen":"2026-04-13T00:21:38.866753Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"1d136ea879ddbe06c7a8217b40fe7441","sha1":"9bfede3a1382b67479aacb449d5b2b82b5ec1468","sha256":"50c17f5fbcc7788c164f74c7168d26bf5eff9ab2d9ab7be1b0fb355efba79ca7","sha512":"bcb18ab72b1f015bff7f22b72cb0c1abf32bc60a7d86817dcfe120f6cce431f37f96e43118fff861028a2d275d28f8a521880cc7db1d4819e97808de602f6c1c","ssdeep":"","tlshash":"609002d4e0c26544512611a4107b5eda7429442054158d40880494503856520872645c","size":47,"data":"","first_seen":"2023-04-20T05:52:30Z","last_seen":"2026-06-03T11:09:20.391214Z","times_seen":215,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/signals/config/979099123591528?v=2.9.248\u0026r=stable\u0026domain=www.clubpromerica.com\u0026hme=17590b9a2e1b26755cdc9ecb401f9f46bca979d3ccce95d786db0936167af731\u0026ex_m=94%2C156%2C134%2C20%2C67%2C68%2C127%2C63%2C43%2C128%2C72%2C62%2C10%2C141%2C80%2C15%2C93%2C28%2C122%2C115%2C70%2C73%2C121%2C138%2C102%2C143%2C7%2C3%2C4%2C6%2C5%2C2%2C81%2C91%2C144%2C224%2C167%2C57%2C226%2C227%2C50%2C183%2C27%2C69%2C232%2C231%2C170%2C30%2C56%2C9%2C59%2C87%2C88%2C89%2C95%2C118%2C29%2C26%2C120%2C117%2C116%2C135%2C71%2C137%2C136%2C45%2C55%2C111%2C14%2C140%2C40%2C213%2C215%2C177%2C23%2C24%2C25%2C17%2C18%2C39%2C35%2C37%2C36%2C76%2C82%2C86%2C100%2C126%2C129%2C41%2C101%2C21%2C19%2C107%2C64%2C33%2C131%2C130%2C132%2C123%2C22%2C32%2C54%2C99%2C139%2C65%2C16%2C133%2C104%2C31%2C193%2C163%2C284%2C211%2C154%2C196%2C189%2C164%2C97%2C119%2C75%2C109%2C49%2C44%2C103%2C42%2C108%2C114%2C53%2C60%2C113%2C48%2C51%2C47%2C90%2C142%2C0%2C112%2C13%2C110%2C11%2C1%2C52%2C83%2C58%2C61%2C106%2C79%2C78%2C145%2C146%2C84%2C85%2C8%2C92%2C46%2C124%2C77%2C74%2C66%2C105%2C96%2C38%2C125%2C34%2C98%2C12%2C147","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"acbb3f2fa2ef5783a8383e1f56006de3","sha1":"464b2cf9f48765e484354b78481cc0fe61a37e7d","sha256":"7ee142dbc3af0b73f3eb3b01f41dbaa25c8ecd293bb75eb4d6bde8bedeca004e","sha512":"ad3de2c11d44e721b572b5160638ab310b859defc3977904d1e2a36165c093b6bdfb1676dfc765d074d232731a15b18e20acb16e9ba08b847acb57ef619b0b36","ssdeep":"1536:JDfY7zbMII9PahO0iVxPKzBZV4K+Bzux0kTEVB2vpOwSSBx7nltimubf:d86mEVeRtimuj","tlshash":"91e3fac9b1e1b06203a6b96cba7f500b75b9946234d8c460ea1ddcd47ebc0694173fbb","size":150383,"data":"","first_seen":"2026-01-08T18:47:47.293606Z","last_seen":"2026-01-13T01:16:31.272278Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery.validate.unobtrusive.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd9e6ecb410314024555b6a8f7846860","sha1":"a229f33cf76c95995bf6f70c2d5f9c55896e7edc","sha256":"c43c532923fb3bc58b4f17d98f842122978ec76cc38d428149036e045f5ff0a1","sha512":"c62f16facd624c52a591c38e56ca3311f69a4a0d68e79f15122744ebf754391c1fab6f72bd8a96e34b0a4dd6a9bf834d962b591756940f113600aaeb95a9e592","ssdeep":"96:2EUCPCoDPWKj+inSDs41tHD2zVeTccE/tB0bTCPociwrD05VXmm8zQ5CtKctR/4u:x/j+inb4u0TccE/tybTKTiwr4om8zQ5e","tlshash":"e1c17448350662a2aeb730f7518f9007f17618aab0894822f549d1e16ebffe55263f1f","size":5700,"data":"","first_seen":"2023-03-07T12:11:42Z","last_seen":"2026-06-09T19:56:01.873763Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-3.5.1.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b61aa6e2d68d21b3546b5b418bf0e9c3","sha1":"9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7","sha256":"f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b","sha512":"5882735d9a0239c5c63c5c87b81618e3c8dc09d7d743c3444c535b9547b9b65defa509d7804552c581cb84b61dd1225e2add5dca6b120868ec201fa979504f4b","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvaks:/Yh8eip3huuf6IidlrvakdtQ47GK8","tlshash":"3193f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89478,"data":"","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-06-10T17:40:16.725143Z","times_seen":16805,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/SevenSpikesExtensions.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"42b7b45918c98621d58101ffdf23b129","sha1":"3edd16e64b167005fa8d6ae3465b72a4255cccd3","sha256":"60115c0285de95078e8bb36ed0de24f38bd86b45e9b1cef3c7815767a06526d9","sha512":"0657bf70089ef3329903930e1aea31317f5c9e3d3057506dff164ad2e6aeaf1461b796a2b64a940d0b52f0440bd520dde45e97b5b26d6c2f5da25f31e51048d7","ssdeep":"384:Use8S/w0+ApWoi2DP28GgVYdZz41Ud7y1T4L:7Hsw0+ApWoi2DPTNVqZz4+lyUL","tlshash":"2752b4487111353445ff51bef02f1406b2337e6bca0a4891a56c8e5e0badd6aa273f6f","size":13642,"data":"","first_seen":"2025-06-25T06:02:02.71689Z","last_seen":"2026-05-12T03:33:01.944639Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b189320138bef28a9cccc2b13677872e","sha1":"acefe88be68641c0c1ba4036900f3b68963370c6","sha256":"855fa6e8859af6ade2e14c5a1dbb68d4644ad18e1da94c4dbb4ec84d90c8d955","sha512":"60713128a02d1d1c2a9f5da5d1a48a40e56ac369a34933f8492404888b4aaf8788c124122aa71a8f53b127082ccc995c81388bf6ef6fdc0b4d9e4803f1d665c4","ssdeep":"","tlshash":"1ec08c6900a3243414e72481c11b0864850ee007910a8203fc3e82c10f036774222e0c","size":156,"data":"","first_seen":"2026-01-08T18:47:47.294439Z","last_seen":"2026-03-06T07:57:19.205324Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/ruxitagentjs_ICANVfgqru_10327251022105625.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"03fa71a1cf8ec7040d1fa1c672f93a9d","sha1":"d01306070c6d04a331b671074e0a7228457fd249","sha256":"0c796a7884170d8fa0e5100de60dc2272ad05a9a0b436f15d9766bb27c8243ae","sha512":"00856b036edc1d0619f5660c1f7c95d294449b9c97a6386620cadc0bb1ca1a698c6d224f6b0ccc471984e22031cd9087979b06e5fd18115833a6398882d16694","ssdeep":"3072:japP/GJe7FoVdzvkN33PXzO4qKwaINhayzByuVtjg:8P/GJJdzsN33PzO4kNbzByEjg","tlshash":"d6043a99b71270668b9711b950bf020bf3b86d94984c8498d195f8e83d74efe42f7f28","size":189881,"data":"","first_seen":"2026-01-08T18:47:47.225462Z","last_seen":"2026-05-11T13:54:57.820089Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/public.ajaxcart.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5d787f7c98695151b3806cf1527a6b95","sha1":"2986bb30d4da14530b6dfcb24ff80e3620df2d5f","sha256":"93d64eeb84b1989afe8f13add9a8e4921daa3db2ef6b24cee5fad5dec097ad69","sha512":"21e2673176701964cbf23a440edd415d395395da337a3cfb4ee39892c7be255c49352ad783a87c081910848b1db66f3aef4527ff323a4d90c62c3af059e7f3c3","ssdeep":"","tlshash":"4781e08e221518badbf772bb9e071986f733825b1603855bbcbd40d02f31654a362e7d","size":3985,"data":"","first_seen":"2023-03-10T08:07:40Z","last_seen":"2026-06-09T19:56:01.865397Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.popup.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd2642717b6ae619125b7a0900293748","sha1":"b9ada9325b8e888acb23be1a87654addffb7ee63","sha256":"4c0fc20058bb6591b2f4abe417d4631f582e0c04e99831dd3b43b257e5c94266","sha512":"41b7baba680c56d00fd0b1751180c56d2a27a4a0cc5eb43b04140a10f90f2240d3f694707a6839831196db2e3872151a9c7b5bcc088c75cba5d4e778c350f9cb","ssdeep":"96:WSE2e27lLJl5LAQXpMuWcG6rviW/OA/t+GD3xtTUF/zeZxV54EbqVqe:WSteUtM0GeiyOA/vDTy4xZqVD","tlshash":"9ce1d7d8f10176d311ef6797226fa05971339268a00a4078f22ad1e82f56dc533a3ebd","size":7264,"data":"","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.897565Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"aee63d53f6560cccd649955e943ab4fd","sha1":"01b558b4828d0b07b4df191b31f971cfeccb2c2d","sha256":"587e0611b34f7527515dc68a2013ac6fd8a7f99ce3b8698301bb032252a0d0df","sha512":"192aeb65223125a66f78eff89e27dd80339c3a8268e69ed8d19520e338910f2f674396bf769075a72d56f80d2ba02ee52ad757622a6d17f540a2b28304b479ff","ssdeep":"3072:AVhadKE70MisCfW88CogQN6PTm6Sv6YqaphtnAm+6h06lbd4dlw5Eqt:ldV7m5oYnSv6Yq0tAn6h06td4nw5EI","tlshash":"371429c9b7ca706653d365b8503f010bb17a7992f84cc8d0e182d9d82e74aaa1277f7d","size":202243,"data":"","first_seen":"2026-01-08T18:47:47.237873Z","last_seen":"2026-01-08T18:47:47.237873Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/modal-popup.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"91653944fad84af530e9da5a2728809f","sha1":"3c40029bc10e8fa9f7b5564f9ab6b36798dca0d0","sha256":"ba92618b3aa7a9793b01e588006dde8efca7ff01d1a79349047e4a28d2ade3d3","sha512":"292e8021e5deb99a2db86a7215c050ddb2487d7f7398a95fa5fd4552aecaeea7c3617e9b631610558e2fb059ad79c9dd7121b5cab8ebcef0c2f9d46c7b5bda86","ssdeep":"","tlshash":"f821dc9e3a39263581ff1b3b77067718fd60005749018403b59cce801f78d26666bca9","size":1330,"data":"","first_seen":"2026-01-08T18:47:47.200336Z","last_seen":"2026-04-13T00:21:38.952693Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.data.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e816ffd11066f526c2c9ca2b5333d029","sha1":"38975b0fe3e8f8ce7001e212bec2421dc3fa2f71","sha256":"b31dca148abea883da0f31f4a98d668e5b5e7dd104b05c752b85e5cfc3a988d8","sha512":"9ef3c72aed21a9e3bb23730d57a5d790df5a602feafc1d815347303285a93793219f05ccdc560e41f7cdfa7ad4b3935d9b7fc59c0f84d19745d3f1c4fb5f9818","ssdeep":"768:5PJ03iW34oGU4560wUVWUEMsdivLvZig/y7L3SnBw/QfEzm9i+lW/:wSW33GU4E1QWTxMC+0/","tlshash":"d613b6c833d1b00247ab34a1a57f690eb33ba849840e4514f329d5dbbd39a4da27bd7d","size":43306,"data":"","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.912637Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.MegaMenu/Scripts/MegaMenu.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c95385523f669d5c1cf53aa586b1329","sha1":"5574e6487f1db63b14e6a41909a67fae7fbc712d","sha256":"49d5c99ef0648abf931ea3369358703d63226e208bf16a6c9a9c676cf3c63754","sha512":"18c6757eca45c0e2a9db235eb5b594e67cb58f1baffccb8fc5bda7129b13a658108da43c1ebb1c3225be4c789c23ec3571cc4032bdbca76da1ace85f7262543b","ssdeep":"","tlshash":"c231221c706471b238bb22bd72bbc40076636dbd86128158749ac3940b3eeb81273f5e","size":1660,"data":"","first_seen":"2025-06-25T06:02:02.700439Z","last_seen":"2026-04-13T00:21:38.839763Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"b2c9d509698c21e6417282442753dcf0","sha1":"27718eeb1a6bbeda7bf866df263236273c77f800","sha256":"f72a95f74cbe367f09c1c8109dab6faf7bcc6e12f58393ea5dd3dae2d9497689","sha512":"d2844cda6fd57646e1893b04ba692976125d4becd89f9a2407dbf8fb4e939a412f418bfe797bc1362a13cf001249430227a6c6a3ea664ea8ac7301d048ebd378","ssdeep":"","tlshash":"bdf0cde9a9dad83b0253a4f08927194d7ec4f314891b0e42b1aea3c23742d2cf872116","size":636,"data":"","first_seen":"2023-04-20T05:52:30Z","last_seen":"2026-04-22T13:18:14.112888Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=AW-10883915179\u0026cx=c\u0026gtm=4e6170","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"85e4fdbbfceece7c37eb0a1b4dc20d30","sha1":"a6b951fb9e3b0b363d5b329436a47b79384c5b4d","sha256":"958b19dbbca0ee3641f009de7d4ea7abfd357b1d52e7b580ede0486df7ffc4a9","sha512":"aeb47090d915bdce471f2e82778f773161c7e1863b8053ed2cc6e6248cbab28d623275d687c9c827165ea8f0dd122879005cf3ced5e2067a562b68900dabf767","ssdeep":"6144:LrVrl0o6qWro03izhJ3kc1/po7YAOTkIzE6vajQiDv:fAqLOi19xTkIje","tlshash":"738429ce73c674269397a478403f018ba57b69e2b44cc895f189cce42e74a9a4277f7c","size":397376,"data":"","first_seen":"2026-01-08T18:47:47.23621Z","last_seen":"2026-01-08T18:47:47.23621Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3\u0026ns=1\u0026cb=1729059611","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"373b4bf60856d13a74ed814856e7394c","sha1":"19a41d1f73cd45514b204cb77917de8b34e52637","sha256":"fc601eb9861ba62a668bfe019e37f9192f12dbf4abbd1dc9d46fcff9bdb65453","sha512":"df341f5bbbc3d3488f764f8a17b42c1ddd8c698d7564a42da0017c55b2cf513a549b839277e6e554f54efc2226126f61cb5684d750d6601f29ff1bda626f1c52","ssdeep":"1536:/lQti0G6pj0aIKqO/hFUxm5zhWlAI+qLBDYadONInSV4rkjyUroztejkXAuA4H4E:/lQti0G6pj0aIKqO/vUxm5zhKAI+qLBJ","tlshash":"1f73f0d47ac5f80726ce5a73bf0a79e9e07a98b7a4c4b6478254b69d24fc503c1a4cf0","size":80124,"data":"","first_seen":"2026-01-08T18:47:47.195822Z","last_seen":"2026-01-08T18:47:47.195822Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-1.10.2.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"11468602df014a21b203dc9bcd84d369","sha1":"2cf8733fe01e2d149140cb840595fa5d21769f93","sha256":"29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17","sha512":"e5e527b6a1808e474b7d64d3ce360db14b1a4871a5aee01185cbafab06ed6f40e50b4281acec12dc2fe8663296d4ce5032e40769aeb9f32d7a6c9aa4d2525e11","ssdeep":"1536:O4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:OGsKXAI2p0WP9bDrstfa5","tlshash":"be93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93113,"data":"","first_seen":"2023-03-07T01:20:48Z","last_seen":"2026-06-09T19:56:01.864192Z","times_seen":9560,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/public.common.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6946e640361f38152cfcc707ee932f68","sha1":"f2b27a372b451205c9750e65ddb5b389cd4d58b7","sha256":"7b829fa64d38d8c8299b2c864bc0d97e9e4fc141db1fc23991fc4b4c3b000af3","sha512":"e6f41d73c6279dc1b922244e595d2a9ef602f4775a23948ff0f3801bd5f60b39167a46a29749d3eb9b51e8d45715950a524ec73c12087ab2acf7687005c25a40","ssdeep":"384:ucOKZXtUK4I7QK5CKi9WdCiG9pgviei8i7i9iRiEvk4Ci2i+k4+R3f+RBn:ucOKZXtUK4oQK5CzssvxesYxsH3HF6n","tlshash":"4e92529834b105318dbb27769e637508fa2202771a018965febdf1b04f70d6692e6fec","size":20079,"data":"","first_seen":"2026-01-08T18:47:47.206972Z","last_seen":"2026-04-13T00:21:38.870879Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.SmartProductCollections/Scripts/Products.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bef77a8de77e8da6b61b177618c5b69b","sha1":"0a0b168af2482c96c5d95e06ae52f5f317f5ce4b","sha256":"b719b4495175fa4362bcfda0794e6469dd73bb4b365a238a72eb8e5dd0f297e5","sha512":"86d3d59b041474258d300304f88355adf86640af309e4f541e45d4696cb6c741d50f9ccc23061c63fbde34cdcf182ee34c600672380c86e98b852e6ebdd3aea1","ssdeep":"96:TBvUFNHAlVXtd5sk2x/apC6/P8Q4knjHVrBkrllkm:tCBOdd5skI/H6/P8Q4kjHVrBElkm","tlshash":"99a1c94df27a34e35077b272551ba244fa302db39961898238fe95f40f398a12631f2f","size":4802,"data":"","first_seen":"2026-01-08T18:47:47.244725Z","last_seen":"2026-04-13T00:21:38.852063Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/footable.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d030798dad945a60b718ee375478bdc1","sha1":"a6f2cb0abc7f94fc751f6eb0f328da6fd2da4e3b","sha256":"18e6ab19dbb2ed04d1bb34af54750f393c6cde0d1e2788d4ed0bc6fc02c9c7c6","sha512":"1f14a3bada4119359faafb14077fa23091e3aceabcacbc48213473a76fb768943c100c2494149af6a3544576a73508ee553d1c08f356d2ee4293b10e1e88aaed","ssdeep":"384:yDtDEFlDz04NFZ4Mmte3kmF/FfFsff4deTp31ZTFCkmJpxWTCTCTTNsDOE3XO+V6:yDtDEFlDgaFZ4Mmte3ky/FfFsfSeTp3P","tlshash":"4262a809726835e740a1d1b1b66f904ea137783ec54704b0b26ac3b59f78dc6b53be2e","size":14865,"data":"","first_seen":"2024-08-20T12:14:47.740207Z","last_seen":"2026-04-13T00:21:38.891572Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/scripts/element.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f114861fa30339fbb5cd7be6d2eb747","sha1":"a1b0a17acfea9d5377abbdf1cfe01cb7b113713a","sha256":"2956b00edaf510343771d6a6cd78bfc65b575c969bb0456ea8abbee5ea6e7425","sha512":"e90b06b87705944ffd073897aa1daec2e09db80f0534d735f48cea5eea9bcbf9d1984999554657d9cbc01cc3835ae1ef1f26fbda9a86c8e5ad67710a2a3205c2","ssdeep":"384:Hv77oQzetsbm3JG61f48J0fJBIOgK5lCp:xUNAq0RWK5Up","tlshash":"1fb24319b11033a454bf3379da779084ef3b522b81459350bdac6b8d1fb2090b6a7f9e","size":24090,"data":"","first_seen":"2026-01-08T18:47:47.220462Z","last_seen":"2026-04-13T00:21:38.969225Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"95fcd3843b81d7b2d742f6c138d9f5ea","sha1":"7cbda4cd7e8cd0a80b88712c4fd6bd7637c0a2da","sha256":"cacd8a9d1634a13bc62e279fcbe13dd15509a681c73215bbc137b9aba75778da","sha512":"b6e896df1a1833dc10aec247e839351ac58fb1cb6a8597a53faefd76a6f093c3bafd22509c5e79480837cff9582b1f940fa5fe047b758d5c3c7f36ed18aeb851","ssdeep":"","tlshash":"37a012c3cc0091101d6d0c99713885088543408a8098d05a7d02410001084c00379140","size":80,"data":"","first_seen":"2026-01-08T18:47:47.296112Z","last_seen":"2026-01-08T18:47:47.296112Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/UtilsJs/utils-js.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d55eb1bea2a0023a39b61198d398c2f2","sha1":"f9edd19d68a67b18c359e0c3253d84edcd6d4d82","sha256":"b0bdbc9aa0406f5d7cf97dbfa42d766e16899ed1ee60d707ed4484b9311a6ea7","sha512":"cade20c89c1b5894374c8e40626eac5add63b6e5b7b713d4d1b7b0e56788888d5156afd51b961c55096068f1e7b2012ad631603c35fe0d95bf552fa107ba41cc","ssdeep":"","tlshash":"d9414a5b719226f486bb777f1b63864af83000ab88046200bcdc1e607fb4d5993b9fe0","size":1937,"data":"","first_seen":"2026-01-08T18:47:47.242091Z","last_seen":"2026-04-13T00:21:38.866753Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/perfect-scrollbar.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a6a54157143a473b93143f9e7245ef7","sha1":"6d08560b1949a785bb4b61c17b1515b99d438b4c","sha256":"cf38b3f65e6a277b29a96ad926cceb760e9b296a5749fe65bbb9d8983bf492e9","sha512":"fc09446dc74514b4e9cca98ac990757a57e92846266f9f162de646e4dc6e0b31dae7d4db3fce44d4419f390df18ced9f16f4f9ebc437b7b3bdfe07cf7b3555f0","ssdeep":"192:jlTWrZmceIeQy2PAoj3XBUxgLXNArE4SKMZMIMX5Lo:jorZpRXBUxgzNA0XyxpLo","tlshash":"e312638cb21474a912ef5869e2cf9b07b16558137a2f80905425edb43f7dfba232374e","size":9458,"data":"","first_seen":"2024-01-18T06:40:50Z","last_seen":"2026-06-05T08:22:24.484806Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js?features=Event,CustomEvent,addEventListener,removeEventListener","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"435a451090061be4c0254761f2f94e1f","sha1":"1a873f8c9a0dfb421e3213dfbbfa8aafa9960d4c","sha256":"6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2","sha512":"0506dbdede1f984b75421ec86cdd451752ec85b44f5a6f880bc0f06bf8884f1f934f4eafad41ed89015d2118a73bd4dcb20ad4b0d2118e16f311aa25737cf1ab","ssdeep":"","tlshash":"43b012a448824f95eae305c0485602851baf5fc95405d318ce72a41cc862845b2ccc6c","size":104,"data":"","first_seen":"2023-12-16T06:03:22Z","last_seen":"2026-06-11T02:31:30.597261Z","times_seen":23669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e4812e9b364cb22ef13c0cf3db22bb1f","sha1":"dcb7d1afdeb465ee1f51d4e6b77f3bda0821f56e","sha256":"4513dc16f9b2202d18cf44fe5ebc6c70ae887cfd7542d07b0cd6d668db6b857b","sha512":"6d53b52a351d55d69046cefb8df1727ca630913274431ad0843a00326cd045a9c32f8bd2b04f0e214b530a86d3973f0bc6bc2a4331c33902b293e399c8aaf982","ssdeep":"","tlshash":"b231122f61b20256097b706dd78b620bb42006275450c55dbe4ecb148f56ac8a032bf5","size":1753,"data":"","first_seen":"2026-01-08T18:47:47.297081Z","last_seen":"2026-01-23T20:15:24.210733Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Styles/perfect-scrollbar.min.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Core/Styles/perfect-scrollbar.min.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ac4577593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"207565634\"\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 14-127319189-127299931 2NYN RT(1767898030419 461) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":3024,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2888), with CRLF line terminators","md5":"431495e51fae94dbf78cacbac5a5110d","sha1":"8a8925072b6097a3ad3643cb9eeb1dc7019b7c44","sha256":"3c4aeb9ae4042e1955c3fc6ceda9d3e1be86e6c6be0be73cad21bdd26d0afef4","sha512":"176850c4b21c2ec1d6e77579940b1706be0e7b9e194c25922c3379a482ac9eadd1d4d6d9cb91fc13522c7ee6c8f5b41f368b686303b37e2885fbed99c4ed0d57","ssdeep":"","tlshash":"ef51d544eaad25a471ffd26d7ad59395006cd1f3ec720becb4a97ab1e3433885137088","first_seen":"2024-01-18T06:40:53Z","last_seen":"2026-05-30T19:01:41.495867Z","times_seen":99,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":435,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-3.5.1.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/jquery-3.5.1.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30916\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127294725 2VNN RT(1767898030419 851) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":89478,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"b61aa6e2d68d21b3546b5b418bf0e9c3","sha1":"9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7","sha256":"f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b","sha512":"5882735d9a0239c5c63c5c87b81618e3c8dc09d7d743c3444c535b9547b9b65defa509d7804552c581cb84b61dd1225e2add5dca6b120868ec201fa979504f4b","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvaks:/Yh8eip3huuf6IidlrvakdtQ47GK8","tlshash":"3193f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-06-10T17:40:16.725143Z","times_seen":16805,"resource_available":true,"data":null}},"time_used":939,"timings":{"blocked":784,"dns":0,"connect":0,"send":0,"wait":133,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/css/benefits.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/css/benefits.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 1475\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 12-64928826-64925927 2VNN RT(1767898014018 18053) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6494,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f17f198f3afed966a14a47a1a417d4f3","sha1":"76c68802146705c1574db0fa27c748c502e75cce","sha256":"d3d1d9231dd9b10a1783346cc5d393d21c37b5a4d8a83674263f917d02e32e6e","sha512":"8baaba04aa3dcbca834ae15d290463ef67bcfa7b6c99ba2c346be7ec3f487b919ff79555daaccba5f43af046e91e1f11617c82dfd50ebbf8ef8ee74c17c867db","ssdeep":"96:D/ZyxR9rdWiObGNxzgrSOW3xzgj81jVPVopC0gFaYl0hQ4zRjRGi1:D8xWbGjsrSOWBsj81jVPVos0gFaYXp0","tlshash":"2fd1c02d2f026140a57fab6debf20b18d7288423c60955edb7cd9105cff9468a2b1f5d","first_seen":"2026-01-08T18:47:47.187418Z","last_seen":"2026-04-13T00:21:38.953492Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1644,"timings":{"blocked":1521,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0007329_entrada-de-cortesia-a-la-gran-piramide-en-traveling_635.jpeg","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0007329_entrada-de-cortesia-a-la-gran-piramide-en-traveling_635.jpeg HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 68535\r\nContent-Type: image/jpeg\r\nContent-MD5: XwWFMR4bnZ6O8QeFtGzjpw==\r\nLast-Modified: Tue, 11 Mar 2025 02:30:42 GMT\r\nETag: 0x8DD6044B8B4E337\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: c6384ef9-a01e-00b3-63cf-80f577000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":68535,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 635x635, components 3","md5":"5f0585311e1b9d9e8ef10785b46ce3a7","sha1":"1241d26af531b45a9989a6b8c6c0d512bb1c91ad","sha256":"376222971e1d9af2a7bee0ef8a7a19d4b9a462be43a136e695196dacbd799368","sha512":"d6ce879e62f105122dede5bbdcc7474b74efdaf610decffb193a0dfb72e591f7dd92cfc65b06d4d3f64a442b46d82fc3b73a7ed84016ecb59f35aaa870745c8b","ssdeep":"1536:XTqObajAqo8WX1pqRWPvCqLtYVPNTW8knObK9:mObX1eWP6qLGV+9","tlshash":"d363f28c020b490c8b5e5a77f71251dd987e53859f41126e666ceef9c4bef28ce098d2","first_seen":"2026-01-08T18:47:47.188513Z","last_seen":"2026-01-08T18:47:47.188513Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1774,"timings":{"blocked":1675,"dns":0,"connect":0,"send":0,"wait":97,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/close-sprite.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/close-sprite.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 1278\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127318544 2VNN RT(1767898030417 2241) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1278,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 44, 8-bit/color RGBA, non-interlaced","md5":"b8ca2b34bdcc339fc6d7b28ce6f05df7","sha1":"67bbaeaafbc33d4491440f7441d9a72dc2f13676","sha256":"be4f7ec1d0342a37a3478f11ec52cad1df40d852df6b375a42ddfa56c822237c","sha512":"a9523ff74dbda00db59957089682ee6da3cd8319b04aa4ce36c1bbb8d56f6cdd452d6ac4a21db31296fc4eb8a661f6066ff47cc7661f41ee285d9c7085dd328e","ssdeep":"","tlshash":"db21959a728078805f2fe18228f74237da6f040188e8e166798be21f48272b5541d8df","first_seen":"2026-01-08T18:47:47.189746Z","last_seen":"2026-04-13T00:21:38.859758Z","times_seen":8,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/scroll-button.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/scroll-button.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 1079\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175736 2VNN RT(1767898030386 2467) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 10, 8-bit/color RGBA, non-interlaced","md5":"910a966f0550e2ad19879ff7c05ad227","sha1":"0376b1767814726157363bfafae94fbc23e88b85","sha256":"e826fbbe8231025cca2cb9461a119ebb27d181186019f7778e34e060ba0b7a6a","sha512":"45ceeb25bf6b09d024774764522d3e1a177cce99fb0e0f04ea562b71d373f68782cacd5b64e274c1aef4a9c3e80b8c7bad7ee28b350797b7249459ab1b97128d","ssdeep":"","tlshash":"0511424eeb52a402d3c8f5813cfac41786114ac0d6c0a5a6bdcbc91b6d35272d41ebe7","first_seen":"2026-01-08T18:47:47.190786Z","last_seen":"2026-04-13T00:21:38.896876Z","times_seen":8,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":202,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/mobile-only.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/mobile-only.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033d97a593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-1290668178\"\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 14-127319189-127299931 2NYN RT(1767898030419 39) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9717,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"2edb0396e91ce3e212ad993cef56cfdc","sha1":"3853966cad66e499d3f93888f21d6d52da7468d9","sha256":"1a6eaa4b08f22ffb96ea4d33c5976ff8e29bca985d032a0b75e099c194db401e","sha512":"16183f1d66ae9e7bfb3ac2ec4eb7b367e04fa1d773d7aaa8f06db06b06f6453a272fcade4b0b0ccb124282cb715e8a46d73344eac6c510b54f8e55ac3d073d97","ssdeep":"192:9I3BKsnkauOMBJFXX0NwmkSsdhZQHuBMihUaa+ycRszDyVlsKBa+VsQg5JJic:9W8BJNX0OmkSsdhZQOBMihfszWV3VI55","tlshash":"4b126498e6a0314d2207eb24f3f80bd56f1d11a46f0f4a7df589215e17cb9a826b33d9","first_seen":"2026-01-08T18:47:47.19173Z","last_seen":"2026-04-13T00:21:38.949333Z","times_seen":8,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":26,"dns":1,"connect":25,"send":0,"wait":423,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/fbevents.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"31.13.72.12","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.facebook.com","organization":"Meta Platforms, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Sat, 18 Oct 2025 00:00:00 GMT","end":"Fri, 16 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"04:A5:36:3C:27:7A:C7:C7:99:CA:77:51:B5:0C:41:5C:2F:96:C4:18","sha256":"09:F8:7C:14:A5:59:BF:A1:A3:19:AA:BD:F5:CF:25:1F:8F:07:9D:C7:92:CF:4E:EE:BD:30:FC:00:A0:53:DC:A1"}}},"request":{"raw":"GET /en_US/fbevents.js HTTP/1.1\r\nHost: connect.facebook.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: application/x-javascript; charset=utf-8\r\ntiming-allow-origin: *\r\nreporting-endpoints: coop_report=\"https://www.facebook.com/browser_reporting/coop/?minimize=0\", coep_report=\"https://www.facebook.com/browser_reporting/coep/?minimize=0\", permissions_policy=\"https://www.facebook.com/ajax/browser_error_reports/\"\r\nreport-to: {\"max_age\":2592000,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coop\\/?minimize=0\"}],\"group\":\"coop_report\",\"include_subdomains\":true}, {\"max_age\":86400,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coep\\/?minimize=0\"}],\"group\":\"coep_report\"}, {\"max_age\":21600,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/ajax\\/browser_error_reports\\/\"}],\"group\":\"permissions_policy\"}\r\ncontent-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-vuiUnlMV' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c\u0026minimize=0;require-trusted-types-for 'script';\r\nx-frame-options: DENY\r\ndocument-policy: force-load-at-top, include-js-call-stacks-in-crash-reports\r\npermissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to=\"permissions_policy\"\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy-report-only: require-corp;report-to=\"coep_report\"\r\ncross-origin-opener-policy: same-origin-allow-popups\r\npragma: public\r\ncache-control: public, max-age=1200\r\nexpires: Sat, 01 Jan 2000 00:00:00 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\norigin-agent-cluster: ?1\r\nx-fb-optimizer: 0\r\nstrict-transport-security: max-age=31536000; preload; includeSubDomains\r\nx-fb-debug: D7cOt3fYYdrOsIpEqgWlSR8EgwPAuk9NBVCjfQ8ERTEMqloapzNmepIMSL3AEJV0onqz8dsDursVbAevZ3ZjBQ==\r\ncontent-length: 92567\r\ndate: Thu, 08 Jan 2026 18:47:12 GMT\r\nx-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=13, mss=1380, tbw=3431, tp=-1, tpl=-1, uplat=1, ullat=-1\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":354310,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9255)","md5":"bbe14db0b80ce59d649046e1c8e9a6c6","sha1":"d88d61f179bd9bb989cd3003977ec8f3f1585ed3","sha256":"7ee642ece119235be6a2df7147e6265c85594b51630db07bb7fefdf03810cc36","sha512":"dae1e77ff5710bee64096032dd7da012132b8f8bda1b7a35d215bee1b0ae94716443cc36570a46219ba377364c1433fa1317f0cc7bcb238a32961a8e416eddbd","ssdeep":"6144:x7gA2fwVLQyB5Qb2qlXorxUXGRtThLydO5vBmK:QgDQ38bIK","tlshash":"ff74b6c970e2b0a207b675ac566f9007b2bbd5a538ccc920e95cedc86d7c49e4133e76","first_seen":"2025-12-17T04:39:36.429427Z","last_seen":"2026-06-06T11:35:15.734387Z","times_seen":810,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":110,"dns":0,"connect":10,"send":0,"wait":9,"receive":24,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/ProductRibbons/RetrieveProductRibbons","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"POST /guatemala/ProductRibbons/RetrieveProductRibbons HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json; charset=utf-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 563\r\nOrigin: https://www.clubpromerica.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":563,"data":"{\"productPageId\":0,\"categoryPageIds\":[\"5201\",\"5184\",\"5143\",\"5187\",\"5175\",\"5173\",\"5186\",\"5185\",\"5182\",\"5183\",\"5167\",\"5181\",\"5119\",\"5118\",\"5136\",\"5094\",\"2726\",\"5005\",\"5004\",\"5003\",\"5062\",\"4805\",\"4933\",\"2801\",\"4292\",\"2802\",\"4865\",\"4862\",\"4863\",\"4861\",\"4845\",\"4280\",\"4815\",\"4788\",\"4720\",\"4721\",\"4710\",\"4709\",\"4703\",\"4624\",\"4623\",\"4410\",\"4390\",\"4580\",\"4538\",\"4140\",\"4542\",\"4293\",\"4083\",\"4428\",\"4383\",\"4646\",\"4647\",\"4464\",\"4381\",\"4321\",\"4604\",\"2940\",\"2953\",\"2954\",\"3105\",\"3397\",\"466\",\"4141\",\"4771\",\"4772\",\"4786\",\"4791\",\"4792\",\"4832\",\"4836\",\"4847\",\"4883\",\"4885\",\"4886\"]}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/10.0\r\nx-dt-tracestate: d4751df5-dd6af23e@dt\r\ntraceresponse: 00-602b6865eca5e637d16965cf0bd2606f-193f4a011f865bb7-01\r\nSet-Cookie: NOPCOMMERCE.AUTH=; expires=Tue, 12-Oct-1999 05:00:00 GMT; path=/; HttpOnly; SameSite=Lax\nNop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; expires=Fri, 08-Jan-2027 18:47:12 GMT; path=/; HttpOnly\r\nX-OneAgent-JS-Injection: true\r\nX-ruxit-JS-Agent: true\r\nTiming-Allow-Origin: *\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"1324663167\", dtTao;desc=\"1\"\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 12-64928826-64928833 SNYN RT(1767898014018 18683) q(0 0 0 -1) r(3 3) U6\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"ed19ca99581136d44b35bbb2240a6bf6","sha1":"d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3","sha256":"aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0","sha512":"d785955c6486bbfdd24879a66814e7fec52a179f2a1b41a010e5896da3cf0753b1ae0ec4db029b6f4e2fb545fcd3b633fc3196f7d1c0cf643b9ba7755a1292a1","ssdeep":"","tlshash":"7540000c000300000300000000000c0000000000c0000000300003000000000000000c","first_seen":"2023-03-07T14:01:22Z","last_seen":"2026-06-10T02:56:43.85075Z","times_seen":372,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":317,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3\u0026ns=1\u0026cb=1729059611","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3\u0026ns=1\u0026cb=1729059611 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-cache, no-store\r\nContent-Type: application/javascript\r\nContent-Encoding: gzip\r\nX-Robots-Tag: noindex\r\nContent-Length: 19131\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80124,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"373b4bf60856d13a74ed814856e7394c","sha1":"19a41d1f73cd45514b204cb77917de8b34e52637","sha256":"fc601eb9861ba62a668bfe019e37f9192f12dbf4abbd1dc9d46fcff9bdb65453","sha512":"df341f5bbbc3d3488f764f8a17b42c1ddd8c698d7564a42da0017c55b2cf513a549b839277e6e554f54efc2226126f61cb5684d750d6601f29ff1bda626f1c52","ssdeep":"1536:/lQti0G6pj0aIKqO/hFUxm5zhWlAI+qLBDYadONInSV4rkjyUroztejkXAuA4H4E:/lQti0G6pj0aIKqO/vUxm5zhKAI+qLBJ","tlshash":"1f73f0d47ac5f80726ce5a73bf0a79e9e07a98b7a4c4b6478254b69d24fc503c1a4cf0","first_seen":"2026-01-08T18:47:47.195822Z","last_seen":"2026-01-08T18:47:47.195822Z","times_seen":1,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":51,"dns":1,"connect":23,"send":0,"wait":33,"receive":24,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.SmartProductCollections/Themes/Element/Content/SmartProductCollections.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.SmartProductCollections/Themes/Element/Content/SmartProductCollections.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 3558\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127318668 2VNN RT(1767898030417 468) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23352,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"46fe3258e3f3c47f8cb530b376eb6d59","sha1":"d8a41d27f5662bc5b28ca1d5279eaa73bb73e144","sha256":"eaba14ecd5ac01c8d31334f4080eae6d4b9d100fa7fdc7b0242772fbed566d00","sha512":"44d72e812479763b8b6b7cf9700041b74d94948464acc56e64c9bff49964d840649ea88e9fd4ae3212fb604bb53e0fcb0e5d0b40a5f4832902cf7d9d1e962b64","ssdeep":"192:UaMPhxGadVuKwVtvOV25Qo/VCk9LAAQy+tJpbBqUiJmBYuYNOEQBbIG6YimRYzGD:cVuVtGV2PtCgnFyp1bIqLLXzaU/H1EpC","tlshash":"3aa2cebcc7dd254ef20b6390d3fe591ebe9920a09faf49f8a88e9748d3050045929db5","first_seen":"2026-01-08T18:47:47.197503Z","last_seen":"2026-04-13T00:21:38.918033Z","times_seen":8,"resource_available":false,"data":null}},"time_used":567,"timings":{"blocked":434,"dns":0,"connect":0,"send":0,"wait":132,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.popup.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Administration/Scripts/kendo/2014.1.318/kendo.popup.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"071ed6e593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3200\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127319238 2VNN RT(1767898030426 1170) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7264,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6830), with CRLF line terminators","md5":"bd2642717b6ae619125b7a0900293748","sha1":"b9ada9325b8e888acb23be1a87654addffb7ee63","sha256":"4c0fc20058bb6591b2f4abe417d4631f582e0c04e99831dd3b43b257e5c94266","sha512":"41b7baba680c56d00fd0b1751180c56d2a27a4a0cc5eb43b04140a10f90f2240d3f694707a6839831196db2e3872151a9c7b5bcc088c75cba5d4e778c350f9cb","ssdeep":"96:WSE2e27lLJl5LAQXpMuWcG6rviW/OA/t+GD3xtTUF/zeZxV54EbqVqe:WSteUtM0GeiyOA/vDTy4xZqVD","tlshash":"9ce1d7d8f10176d311ef6797226fa05971339268a00a4078f22ad1e82f56dc533a3ebd","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.897565Z","times_seen":67,"resource_available":true,"data":null}},"time_used":1224,"timings":{"blocked":1094,"dns":0,"connect":0,"send":0,"wait":125,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/modal-popup.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/modal-popup.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 586\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127303957 2VNN RT(1767898030417 1691) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1333,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"91653944fad84af530e9da5a2728809f","sha1":"3c40029bc10e8fa9f7b5564f9ab6b36798dca0d0","sha256":"ba92618b3aa7a9793b01e588006dde8efca7ff01d1a79349047e4a28d2ade3d3","sha512":"292e8021e5deb99a2db86a7215c050ddb2487d7f7398a95fa5fd4552aecaeea7c3617e9b631610558e2fb059ad79c9dd7121b5cab8ebcef0c2f9d46c7b5bda86","ssdeep":"","tlshash":"f821dc9e3a39263581ff1b3b77067718fd60005749018403b59cce801f78d26666bca9","first_seen":"2026-01-08T18:47:47.200336Z","last_seen":"2026-04-13T00:21:38.952693Z","times_seen":8,"resource_available":true,"data":null}},"time_used":1478,"timings":{"blocked":1359,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/css/theme.custom-1.css?v=2","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/css/theme.custom-1.css?v=2 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 2975\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 12-64928826-64925927 2VNN RT(1767898014018 17227) q(0 0 0 -1) r(3 3) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19264,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"051984af825c08ad173e71b490ff3068","sha1":"6079d1c851e3fc4c5865dced76f13a8adeffa9f6","sha256":"8e0b0a99c45c4b362f6fdfd634e401e03b4a6b0380f714d57ff80edab9966840","sha512":"d6cb6f85651d8d2c95cee642dc4287aace7fc57322e024659b6bc138345d321d67d2eebef12ece15d5fc11938548e0aabf360a32c37731f023256eb1a37c2122","ssdeep":"192:AhjDDz/kbTXrDhOHbL4X4X4D4ACcLZbGojuozfbxp4X4X4D4GLZb1ag4yIyIlHwO:NOv6oO9LZbGVK6oOjLZbGxBlp8MN5tN","tlshash":"7c82ee94c363169c12b6c31472033892bb05f1bcabfb51f1f85d818e5b7904baa65b9f","first_seen":"2026-01-08T18:47:47.201417Z","last_seen":"2026-04-13T00:21:38.919063Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1093,"timings":{"blocked":775,"dns":0,"connect":0,"send":0,"wait":317,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-ui-1.10.3.custom.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/jquery-ui-1.10.3.custom.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 60476\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88451775 2VNN RT(1767898014715 16733) q(0 1 1 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":228144,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (64555), with CRLF line terminators","md5":"3dde0f1e2ec9d563ee17524aeed7b1df","sha1":"40167829fa08e20c9996f764871d3d81fee0a941","sha256":"672493ffdd244da63aae11625f20792e05aa2b42efda879760ef7add340eb950","sha512":"f52c0694034ede05a2c297b11c93d541a37b3eb4c011e03f0a392717bd1faaa04ed2b4fdf7e855130184fd1ac6df36e37cd3fe053768db66e630906cd4f3eaf2","ssdeep":"3072:mTHQDWyMcDtOFOFKjax4Uja+03+TpB0FQodXO67uWm21q:mrcW1COcIO9a+NTpCFQyw","tlshash":"6c24f84d72413636a1efe2a5103b2a0fa237655da605805cb03cc9ee9e7dd4431bbf7a","first_seen":"2023-03-08T00:10:25Z","last_seen":"2026-06-09T19:56:01.864891Z","times_seen":565,"resource_available":true,"data":null}},"time_used":1110,"timings":{"blocked":963,"dns":0,"connect":0,"send":0,"wait":122,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/public.common.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/public.common.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3808\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127318668 2VNN RT(1767898030419 1114) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":20082,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"6946e640361f38152cfcc707ee932f68","sha1":"f2b27a372b451205c9750e65ddb5b389cd4d58b7","sha256":"7b829fa64d38d8c8299b2c864bc0d97e9e4fc141db1fc23991fc4b4c3b000af3","sha512":"e6f41d73c6279dc1b922244e595d2a9ef602f4775a23948ff0f3801bd5f60b39167a46a29749d3eb9b51e8d45715950a524ec73c12087ab2acf7687005c25a40","ssdeep":"384:ucOKZXtUK4I7QK5CKi9WdCiG9pgviei8i7i9iRiEvk4Ci2i+k4+R3f+RBn:ucOKZXtUK4oQK5CzssvxesYxsH3HF6n","tlshash":"4e92529834b105318dbb27769e637508fa2202771a018965febdf1b04f70d6692e6fec","first_seen":"2026-01-08T18:47:47.206972Z","last_seen":"2026-04-13T00:21:38.870879Z","times_seen":8,"resource_available":true,"data":null}},"time_used":1161,"timings":{"blocked":1042,"dns":0,"connect":0,"send":0,"wait":118,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.list.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Administration/Scripts/kendo/2014.1.318/kendo.list.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"071ed6e593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 4749\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127318668 2VNN RT(1767898030419 1236) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12055,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11621), with CRLF line terminators","md5":"d66451f0f4e67bbd66568a225dda476b","sha1":"d93a9235b74979a528b9004f3aa0f14be223c0b5","sha256":"4a86b246649930140be8736e47984eac1932279365df19d41a6ee7f8cf26d3cd","sha512":"6f83d07918521a9367efffbecfd0af81775d42d89976936b9fbad68c30c4d06197de4ed046cef1d123dac78f52fbb89aa1d2502caaee6910cedabb4463fc22f7","ssdeep":"192:WS9uk/RYoQ2fDv69tIaLnCeeQr6vUU6KOQxHi/Hsxy6WA+dUtDmowKD:593/RlQ2fDvQtIECSQUUyQ1iPz6eqt5/","tlshash":"0c42b789b1c4b12592ef20f256ff68092337794c591a84f0b126c6d62e34e8db357e2f","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.936412Z","times_seen":67,"resource_available":true,"data":null}},"time_used":1270,"timings":{"blocked":1148,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/perfect-scrollbar.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Core/Scripts/perfect-scrollbar.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0ac4577593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3367\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88451775 2VNN RT(1767898014715 17202) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":9458,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9322), with CRLF line terminators","md5":"8a6a54157143a473b93143f9e7245ef7","sha1":"6d08560b1949a785bb4b61c17b1515b99d438b4c","sha256":"cf38b3f65e6a277b29a96ad926cceb760e9b296a5749fe65bbb9d8983bf492e9","sha512":"fc09446dc74514b4e9cca98ac990757a57e92846266f9f162de646e4dc6e0b31dae7d4db3fce44d4419f390df18ced9f16f4f9ebc437b7b3bdfe07cf7b3555f0","ssdeep":"192:jlTWrZmceIeQy2PAoj3XBUxgLXNArE4SKMZMIMX5Lo:jorZpRXBUxgzNA0XyxpLo","tlshash":"e312638cb21474a912ef5869e2cf9b07b16558137a2f80905425edb43f7dfba232374e","first_seen":"2024-01-18T06:40:50Z","last_seen":"2026-06-05T08:22:24.484806Z","times_seen":118,"resource_available":true,"data":null}},"time_used":1521,"timings":{"blocked":1400,"dns":0,"connect":0,"send":0,"wait":120,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/fonts/NunitoSans-VariableFont.ttf","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/fonts/NunitoSans-VariableFont.ttf HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/styles.css\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\nLast-Modified: Sat, 23 Nov 2024 03:40:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033d97a593ddb1:0:dtagent10327251022105625IUWH\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"850432912\"\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nContent-Length: 569372\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88455131 NNNN CT(96 96 0) RT(1767898014715 17479) q(0 0 2 -1) r(3 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":569372,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 21 tables, 1st \"GDEF\", 41 names, Microsoft, language 0x409","md5":"e7f409eb0d8afdc0e025cc2bd0987e4f","sha1":"0bc82dfdb6c913d99eedb88d55e5d61b33ecd210","sha256":"585d07756a7f5cca34de3e622a23f5e98d60efc96ac9c9e7c6bc251fea040854","sha512":"e7e02523f5cedbaa2fab59d13443f16192953ec9510cc2b118d2022003d63c88ea3ed7dff39257686baaf569aa144207edc10630161046bf118e03ca1a3e5b60","ssdeep":"6144:tjI4LVgUCXFM7WZFUXWjuaz69tk5AEit+hul5H0i8:xI4xgUCXFMaDlzn5FiWY5Hq","tlshash":"7fc41787fb0beec5c043973051b71265473b0cb8bf5b97490e69be36ecb2281ad46694","first_seen":"2024-06-10T04:42:41Z","last_seen":"2026-06-09T21:45:33.746806Z","times_seen":211,"resource_available":false,"data":null}},"time_used":945,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":412,"receive":486,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.MegaMenu/Themes/Element/Content/MegaMenu.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.MegaMenu/Themes/Element/Content/MegaMenu.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 1646\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127294725 2VNN RT(1767898030419 595) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7042,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"5df1094e442328dd6840bca1070aa5ba","sha1":"9754b644dc5afda8947d0e18a4cd32fafe867e9d","sha256":"1b7a63fe181eeaec2cdd31bef11bb51263545af41eb49463c3e87a1e91d2a49d","sha512":"76f1d4dab570da204fbbebf07c8834098034b4b67257c4cd1bd5c9649e77c4001eb73c6b093eee9cdbcdae79de2da8ff811e9e80b071d6f48df48f6a97be2a75","ssdeep":"192:qUanUUVo9QBVx/O+4udgoEZIXqOihUYP6sh:/HX","tlshash":"c3e1de14cd9296c4317ee279eb971709e79d41a3938981a876f8710c0f7471aa0ddfec","first_seen":"2026-01-08T18:47:47.216215Z","last_seen":"2026-04-13T00:21:38.804228Z","times_seen":8,"resource_available":false,"data":null}},"time_used":685,"timings":{"blocked":562,"dns":0,"connect":0,"send":0,"wait":122,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0008942_casa-santo-domingo-spa-12-de-descuento-en-masajes_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0008942_casa-santo-domingo-spa-12-de-descuento-en-masajes_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 690247\r\nContent-Type: image/png\r\nContent-MD5: UUmIjd1Jt6NrGUmHMGasEg==\r\nLast-Modified: Wed, 10 Dec 2025 03:46:38 GMT\r\nETag: 0x8DE379EB9196883\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 9ea79b5f-a01e-0047-24cf-803e81000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":690247,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"5149888ddd49b7a36b1949873066ac12","sha1":"7f9de7af22ec5daaf9936c754784468687382097","sha256":"b01a11e283f1871e7da3a8567529dd856ceda87f60135d65cff7666a0c0d1436","sha512":"11807c09a895976a00321191d3302bf6ad6f7f4b14c70a513134e0241cdbf89da3b86229e4125e3459d02282f414b551a7057fbe280ebb999b8b7fa8ec11c60d","ssdeep":"12288:+NSbJx84Ngkh/bp1J5pIqq39hBefoxhojuvrjTvDghmctiauSwr0kO7WVD6KwB39:+oJxROO/bpT3/4BfxWjILv85mDlw99Xr","tlshash":"51e42393a17630a64d5f35bfa787a6b27ff24624c3bc8904749163efc647714278e122","first_seen":"2026-01-08T18:47:47.217267Z","last_seen":"2026-01-08T18:47:47.217267Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2118,"timings":{"blocked":1598,"dns":0,"connect":0,"send":0,"wait":121,"receive":399,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Content/Images/twitter.png?v=1","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Content/Images/twitter.png?v=1 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/ClubPromerica.css?v=2\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0cb4f71593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 1769\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175705 2VNN RT(1767898030386 2135) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1769,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, non-interlaced","md5":"64544bd4e6671b1cc39b488f612f1ded","sha1":"6160af020c987fb981b306f6b499bad830dc1788","sha256":"87c44ed479c22d12bc4235624bb8a20743ffc9d6904f233152efde7a9dd27231","sha512":"1a0e1947592cce0e66b2773ccfe41cfc4b35b2d2e30c0a2c6d6f14187ea7e212ce4b276c46b0ad31bb8380fe4a153bc0473d65b9592a86faf0a95d64fd734e4e","ssdeep":"","tlshash":"7c3129e38368f181ca83333f5e876fb38c2758af15a7350af15e882d1299d288e1c201","first_seen":"2026-01-08T18:47:47.21835Z","last_seen":"2026-04-13T00:21:38.928291Z","times_seen":8,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunitosans/v19/pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzHGAVFIF2w.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/nunitosans/v19/pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzHGAVFIF2w.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.clubpromerica.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 49580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 08 Jan 2026 16:33:18 GMT\r\nexpires: Fri, 08 Jan 2027 16:33:18 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 13:31:20 GMT\r\ncontent-type: font/woff2\r\nage: 8017\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 49580, version 1.0","md5":"700f45bd8200afec6e792096b626f88c","sha1":"d5deafd7f3bf1d1e81c457ed33e4bfcae9491332","sha256":"b8649c5603466af5eac426de0f7949e40cc3d7fab35f0d7db0a756a61028231d","sha512":"4e04907d7700e7b1d5e4c7e755a99fd27970322cef9235de1e038f9ed8e46eb17b368566aba13752c70008877d11db282454024c1405646d6d713244f045e8b6","ssdeep":"1536:yVdrD5lVFgypda4uI+pU3LNCb/h+39uwdT:Wrl5TpgxZa3JCb/Qow5","tlshash":"7b230290baa4b4e45b7abf3776e350b4740cc2f9b89901ac54aca39bbd71034e191c02","first_seen":"2025-09-17T07:38:58.307435Z","last_seen":"2026-06-10T17:34:13.691044Z","times_seen":2069,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":153,"dns":1,"connect":9,"send":0,"wait":13,"receive":2,"ssl":146},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/scripts/element.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/scripts/element.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 4730\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 12-64928826-64925927 2VNN RT(1767898014018 17929) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":24093,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"6f114861fa30339fbb5cd7be6d2eb747","sha1":"a1b0a17acfea9d5377abbdf1cfe01cb7b113713a","sha256":"2956b00edaf510343771d6a6cd78bfc65b575c969bb0456ea8abbee5ea6e7425","sha512":"e90b06b87705944ffd073897aa1daec2e09db80f0534d735f48cea5eea9bcbf9d1984999554657d9cbc01cc3835ae1ef1f26fbda9a86c8e5ad67710a2a3205c2","ssdeep":"384:Hv77oQzetsbm3JG61f48J0fJBIOgK5lCp:xUNAq0RWK5Up","tlshash":"1fb24319b11033a454bf3379da779084ef3b522b81459350bdac6b8d1fb2090b6a7f9e","first_seen":"2026-01-08T18:47:47.220462Z","last_seen":"2026-04-13T00:21:38.969225Z","times_seen":8,"resource_available":true,"data":null}},"time_used":1551,"timings":{"blocked":1428,"dns":0,"connect":0,"send":0,"wait":122,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/modal-popup.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/modal-popup.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 559\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175705 2VNN RT(1767898030386 1619) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1717,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"6cb9ae0eb621f9b0ff3204f80305472f","sha1":"b6005ca60ba93c164ae857c3407dcc9405ddc1ee","sha256":"bbd469d3ae10ffa8379a01125fd34a9bd78853d36d574cc53d02bc205c03d276","sha512":"8b633eb9351a06c58d62906d1ff7b00be98ee80036b52eed36841ad88ddd9d5b8f43e18b35264f25d4c88776ced360caafa9788d9004200ffe5b80c797401cec","ssdeep":"","tlshash":"0031cc64ce112182a57b83695bf14b2cc37980a7df03466c77e9734a9fb02782461fd8","first_seen":"2026-01-08T18:47:47.22208Z","last_seen":"2026-04-13T00:21:38.829209Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1605,"timings":{"blocked":1497,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/_Incapsula_Resource?SWKMTFSR=1\u0026e=0.42119935136611175","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:55.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /_Incapsula_Resource?SWKMTFSR=1\u0026e=0.42119935136611175 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; ___utmvc=60f3CLHZuLBDKMcE+6Bty7gdWUvtUeVJsIk3H5s23kT9ZWwz0QTiZ2jkoMqFG9vG3ig5upt9KaW6x5+WtDM38FnKDZ+d1DtalpQ4sU4NMWyUOMqyjrpcV/zgFJmhUb3d9pnyZsBj3g7jBPspi5BQK3QK5PUIy75zByEzaPsH6fDrUR/7GxiQT5zu5/yfTY0O4GCith89OejKymbu9d18HbQzrHsKGturcKyl7PMuHHMxPiRRFU3mHBqqobeThyFRu2BZsh0pWnoo4fR40nMupOyY5fAJ1GsOtlYSijh5rJvhoGj62PP7VSuZpeD5nSeDboMRpb6JJODTbV2X1SrN/+upi+TxA2IK9MwH0qr6Xm+vsYwrmHAXPC5GtJVERHu69sGa5hEikfzv33KcfxaDq/5UteJOQwul6EJ0sZmURO9J+y9F4V07LvS1mZt17x1sIz9joSdjFsBxDAhFp5Lw5IOxuDMi8PvR9NYDhoMLiGrVJcUXXPVDgKD0xLoH1/1PasUIZoNtwVrkU0gz8Fw2/2kaj3+4JgrwCdFk/E0r2fO0QCwiV9xmiQK3sf94F4hCRpCZt/yD8r+ZBFBF+BR347pkq/zFNV2cC0acPxEhdjgs+mO9KAMna6QUHj1ACK2CW4hRnOMVHG+BQ0SMI+I8aNpw3M49qKiIaqnbwRmvUUIQ+kkETfP8kdihkZKmrPaukbF/sm5b+4KWfMn8Yy5H/kBxfIR/TrvxtJfmCyk68r2nQptOX5IssA4bQyHAjXHHgekn7T2TZHbTlCaVhC/6pQd4ddTQeNEVk3Y01p1ajXKUddJkY6USy4d+Y/RPhq3R4MHp4jzcZHV0KMN8ezYcOpvUEx9PKD4EOAHmxujzDCt1Spf9aOPWhA7IIwXHvKZK6p0X8OHZUfNg9CCeIwt1KsbPu4W4jsROx43la0+njOWQ8VFufCRQo927PbfFlXhFHembjKH/+5NYF4MMhL5qyfux6g2lqDLiy0rHke6xvJZzWIS+FDLf+ufDbl6n1bVylmNMeF2O5gMGNw0EAuIthXb9i1NYZTXADZI0QR7y24SZbZirl68NmazPrz1cYpd1beoSGwr0aV2ODf8T01VjrNnCYN8o+012Ae9WdkeAHRRV7kJBuoNf2O5pvn5UGVyL0WuDYRI9W3jXR7Fj3o4XjX+YQq25OTcm1za1QojylwuSOJ2oQX0bjwZSCkcVYVo8+ogZvUNUmYlkihiSPRO0pVfhPtYRgGTv12EtceSOgox4hq64qehSDrVY2SKTIELcocViBxwMCdohnwxa1Hkf6Z/rlfiFVAclWEG1ugkHyPHjYW8oerPzkP8ipYVvsWUd2K02Hwva6UZ064OwSvgT5FpXedUSAMK71SzAk66iiSQoL8CatCHbQVTPBmlEwcctE6a/SC5tpgvsTJ/hmSzvb5GztpsrxxqhGyU3zQ2VuouUh9VlI3ScpE+lgC7NngzbDM5AGzJMYg4b1byr60Hjrmu5dRP43Vxl2Sv15fBVxpZnfbiJ0j6i98Walg5LzgBUyMNB3MGqqqyS2IoLCWfNXq0f8OJ93pATaqtn8edUL2W1JXhaeyaYa4F7KPjiQy7+ra2qAAwSkfNSYkY7gsZ+I0gSh8b9dmi6IfDE75WjPkmRP1bwhLyly8slVHHW3ZpJucyk1qTix1WKb4dssEazhzKUgh9ZXJEGCKt2Q3LlgJm3tt9TlM2I/XiJpVk2vzkZxSy2EhVujwkmEPXrEB03iF9nHaTLQx+K9JuFYAbFCreNooahvvKse0AuRkvFaUM62D6t1m5m9jUTOpywAYNRs80AdiMlrDYeLDculnNcuYiF7i4CeQH6W7gEIg+7zER1rlt22AFQnpFP52hEF00eDF+veu48o37CzOPbvu3ZorEloTmy6+OoXxfedi1pHZcAhgxL0BNdX5c6P4RLowZfhhcQ2bFNUpsV6/91aC2UkpGOGIjviO1jN71vrRrlFFFDVpWbXxByWqqLSlV19mOXju7+dHfOffiDAiKIW04POtBkQhbQyD7RWuFT0pwjJqn/4PbcmswoJc228y8iVb+FMk/jeE2mgqJbrtG7hQnJ9x+dw25Q+0ZiDkhaJ0ltpQLcGxIysqI/IDoD4E1w0AREPogTIuIJh5C1fMziSxE7xdmT+vY0yH0j4pJ4tcQEYY3imDLNjganpSOdygFmYYb2DgYri++db//I82rXj/x9jjRDhC0xzmd09HRHlkstqVXc5QxvNgUhe1lsAuvaQUDo2mALCaSPqup1lNCvGYM7001sgofM2XdFCy9SDxByDlsF/enGDCCRw90YOPEvGh1CpsIMgM//wWpGi6wYGjuO61+CbvlV3g67g+RfuzLiUYUFulcSLgYSmSAnqmODP8ZVNsETZKE++qPIidD4ULJ1BUwGClWkocv7QmElyaQN3elQEPOHw4K2d/9duCxihue12TsxnT/LjiOsxYkMCK3uJxi8e2OmHhrghvK70mQM1eAaexTVphXwnPwFGmZxDkC1wo/G/0u7fvAL9TRMGVOMSUWbf1DxbnOFI/c0eP/CmWItpLjSVMkgP8GUFmSV8zplNnJu0s3tfC4JwU+FXOtFZ3OshpGKbJUcE+eaehSgoWEIL2W9sDFb7FQ3M8J7WAOqzk504fJe0T+Moeft+c95315MXstLIftf2Hc9JjEC3SHdKWzuGSBJHj3yY/t5hux+XEJTnYvI0zGb+FtLmcVVbMEPpGDmQRyE1111IPD+TVrmQ/BfoyusZrtBHfYhSSUclKZWR9CxQ0QZNiiOjrASnvlIqEi0d8c4h6S8CerL5b/3KTAYX2n8DaKAbrv3V1oPQg15Jtl+GccazDBqTjHXWOLmZmmSaGkEOyvqezKYhnIsZGlnZXN0PTE5NzMyNCxzPTk2NzFhZjg4ODQ4ZTY1YjFhZjg2NjI4ODc1ODA2NzY5YTc2YzYzN2RhMzdmNjE4MjlkYWI2ZDY5YWI5ODhhOTM5ZTgyOWM5ZTdiYTA3NDcw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-cache, no-store\r\nContent-Type: text/plain\r\nX-Robots-Tag: noindex\r\nContent-Length: 1\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-06-11T02:01:17.609872Z","times_seen":115302,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/rating-sprite.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/rating-sprite.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 1520\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127294725 2VNN RT(1767898030426 2435) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1520,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 32, 8-bit/color RGBA, non-interlaced","md5":"22bc718d6895009f2b0e419058b9c162","sha1":"568c686077a84d8e6f1f10482a82668883518aa6","sha256":"d5a883f98b7129314342bf94ba693944635522eed2845daa50034617633f8084","sha512":"e868be166c0f3502aaa181d462ee660f0996eab24d9536b45b629db21042ad9e6229c7f2c24817b014b9c9a089e87447098559b1280327d78372ef4d1f9ece0d","ssdeep":"","tlshash":"4631f71bb9003403be9ce2d21af6c02746234e50f6d0e49bfa0ac08788d01b2a665ae3","first_seen":"2026-01-08T18:47:47.224204Z","last_seen":"2026-02-11T19:56:04.23145Z","times_seen":2,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/ruxitagentjs_ICANVfgqru_10327251022105625.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /ruxitagentjs_ICANVfgqru_10327251022105625.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"fc600b43\"\r\nLast-Modified: Wed, 03 Mar 2010 07:01:40 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 74791\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:46:53 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 12-64928826-64927860 2CNN RT(1767898014018 670) q(0 0 0 -1) r(0 0) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":189881,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1629)","md5":"03fa71a1cf8ec7040d1fa1c672f93a9d","sha1":"d01306070c6d04a331b671074e0a7228457fd249","sha256":"0c796a7884170d8fa0e5100de60dc2272ad05a9a0b436f15d9766bb27c8243ae","sha512":"00856b036edc1d0619f5660c1f7c95d294449b9c97a6386620cadc0bb1ca1a698c6d224f6b0ccc471984e22031cd9087979b06e5fd18115833a6398882d16694","ssdeep":"3072:japP/GJe7FoVdzvkN33PXzO4qKwaINhayzByuVtjg:8P/GJJdzsN33PzO4kNbzByEjg","tlshash":"d6043a99b71270668b9711b950bf020bf3b86d94984c8498d195f8e83d74efe42f7f28","first_seen":"2026-01-08T18:47:47.225462Z","last_seen":"2026-05-11T13:54:57.820089Z","times_seen":12,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-migrate-1.2.1.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/jquery-migrate-1.2.1.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3068\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127299931 2VNN RT(1767898030426 1047) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7200,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7085), with CRLF line terminators","md5":"512b871a2830e44259bc3ce3343afcd0","sha1":"875bce76a77590c3c438bbc6e014b39c23c8c88d","sha256":"c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c","sha512":"7c31817254b71d4cac10120aa2829614311658e468036d27eb43b063b392620c4611ec3db3b3600da3e48fb82a41c5579c048fbd9022156f038b2b6cb5d946b5","ssdeep":"96:tBnSz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:znSzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"27e186dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:10:34Z","last_seen":"2026-06-11T00:59:07.193221Z","times_seen":6488,"resource_available":true,"data":null}},"time_used":1109,"timings":{"blocked":979,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.autocomplete.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Administration/Scripts/kendo/2014.1.318/kendo.autocomplete.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"071ed6e593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2959\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175398 2VNN RT(1767898030386 1282) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6894,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6460), with CRLF line terminators","md5":"a907183e906a3b367ca9eae8099a8bbc","sha1":"753bd6fc726d556b33f3db40111e1b517e781bfc","sha256":"4aeac08e54655a48878ffb5cec08dbfda72c4f60098e573f6d656c114b3d5f21","sha512":"847ac967600f20f08d8b1bda646a8fa62c80828412bfef509cbfce2e7ac79a6165cc90f183903359e39ba15203fa10145790d8df1ea665c22407daf102a24a20","ssdeep":"96:WS9VzsimxykdTtajWyB2BM83uym6PeWu3eI38iUxpledBnqe:WSrzJmV4jkTuN62Wc2uhD","tlshash":"5de1c68a72817b4682fb20f1123f540d333629659a0945a0b126d5ca3a39ec97377ebf","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.915338Z","times_seen":67,"resource_available":true,"data":null}},"time_used":1285,"timings":{"blocked":1176,"dns":0,"connect":0,"send":0,"wait":108,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/search-button.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/search-button.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 1852\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175736 2VNN RT(1767898030386 2356) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1852,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 80, 8-bit/color RGBA, non-interlaced","md5":"d8088ae0e0c52c7e12e2bd2131cffa5d","sha1":"0f2a58c9ca605b1a6d230de87a731681a4f1efb2","sha256":"58c3edceb3848fea79dfb95cb5356d692ff83fa697ae2bb915cbfc5bc756a3a2","sha512":"810b26d695fccf875edaf0cc247d3c3cd44869b14706e3bf0b61821e4e429a98641b2709ea0d810a17a68cdea4066504ac6e636f37315e849c198418fe8ac492","ssdeep":"","tlshash":"0731e969b90e3803916da84b7ce610265a53649055d9ab3175cbcc324f301fa04bf0eb","first_seen":"2026-01-08T18:47:47.228343Z","last_seen":"2026-06-06T06:49:15.864862Z","times_seen":9,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":137,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cpregionalcoreapi-appsrv.azurewebsites.net/regional/api/configuration","fqdn":"cpregionalcoreapi-appsrv.azurewebsites.net","domain":"cpregionalcoreapi-appsrv.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"40.87.70.95","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 07","organization":"Microsoft Corporation"},"validity":{"start":"Mon, 08 Dec 2025 09:48:52 GMT","end":"Sat, 06 Jun 2026 09:48:52 GMT"},"fingerprint":{"sha1":"D7:19:F1:30:92:55:8B:89:83:57:D8:E2:FF:1C:A1:F1:90:E5:E9:37","sha256":"6E:C4:2B:AA:FF:12:C0:79:FC:08:3A:13:A4:0F:C5:18:D5:CD:B8:5C:16:96:2D:08:A8:40:EA:4E:79:A0:B2:17"}}},"request":{"raw":"GET /regional/api/configuration HTTP/1.1\r\nHost: cpregionalcoreapi-appsrv.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.clubpromerica.com/\r\nOrigin: https://www.clubpromerica.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 541\r\nContent-Type: application/json; charset=utf-8\r\nDate: Thu, 08 Jan 2026 18:46:55 GMT\r\nServer: Microsoft-IIS/10.0\r\nAccess-Control-Allow-Origin: https://www.clubpromerica.com\r\nContent-Encoding: gzip\r\nSet-Cookie: ARRAffinity=dda7cc642ba144fdde0f733487b67dff0c9b2936e73343c7dd02b7a470b55af5;Path=/;HttpOnly;Secure;Domain=cpregionalcoreapi-appsrv.azurewebsites.net\nARRAffinitySameSite=dda7cc642ba144fdde0f733487b67dff0c9b2936e73343c7dd02b7a470b55af5;Path=/;HttpOnly;SameSite=None;Secure;Domain=cpregionalcoreapi-appsrv.azurewebsites.net\r\nVary: Accept-Encoding\r\nx-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000\r\nX-Powered-By: ASP.NET\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":1669,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"680c62e9b06b2fe9036d875ab8ec011a","sha1":"bc83bfcd2225a01e32ba03ae38997ace762b11b3","sha256":"3b70689a81d4cf995f64a2ba9809baf03222fd0258a45ea111747d38fb5055e2","sha512":"b5e8f8e2a8b0461d4dcad8ee9cdc2b03016046edd4f718b7595b6b61606e9a115a450cdfdd02e71c44b5961aaa9d9922ac9bee31ec492a78639b57f0cd8d5f27","ssdeep":"","tlshash":"c831f8cbc894eee64dca525c991987c14fba5c7124bedcdc3f8d0038488aae35369772","first_seen":"2026-01-08T18:47:47.22937Z","last_seen":"2026-01-23T20:15:24.199518Z","times_seen":3,"resource_available":false,"data":null}},"time_used":747,"timings":{"blocked":315,"dns":119,"connect":93,"send":0,"wait":115,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Scripts/jquery.json-2.4.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Scripts/jquery.json-2.4.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1063\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127294725 2VNN RT(1767898030417 1422) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2281,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (433), with CRLF line terminators","md5":"b6ec8daaae10608b00f8c8661d97aab8","sha1":"4e87c12ca2324a181a60ca1bb0feeb1eafdd3770","sha256":"e1681eeae950bd905e159723b28b06b3c6055806a4877c80420ff2950a88cd3c","sha512":"e47ac17cccd176e0f80be0721d36777d4bf1e3ef7840c3bddc49ab3b655977cf5b160321e858983f11d1ba4f7b47670726974d5234f1c428325cbc0ad0771e21","ssdeep":"","tlshash":"e041889b32c2310600f775950407791a6e19cb10f1bc555ccaf982fdaf95d8bd02ee79","first_seen":"2023-03-14T09:38:34Z","last_seen":"2026-05-30T19:01:41.554879Z","times_seen":108,"resource_available":true,"data":null}},"time_used":1455,"timings":{"blocked":1323,"dns":0,"connect":0,"send":0,"wait":127,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0009358_15-de-descuento-en-le-bolsha_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0009358_15-de-descuento-en-le-bolsha_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 718543\r\nContent-Type: image/png\r\nContent-MD5: zWMp2ErLKYgfI/79xdcvDw==\r\nLast-Modified: Tue, 06 Jan 2026 15:18:34 GMT\r\nETag: 0x8DE4D36DBC4C91D\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: c6384feb-a01e-00b3-48cf-80f577000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":718543,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"cd6329d84acb29881f23fefdc5d72f0f","sha1":"eba2997fa94b73cf5b5989e0dc737f854e63dbe3","sha256":"acdea039d3fcceb89cb957f5b6295f69da13c78c05688745487f287353800760","sha512":"a467aa13416cc13a8753ee1c3d86388d9091984ea417160ab0479dc4131209af9e60298470005afdd91a8d65a239df193335323136211d7e4a668932f263f2c9","ssdeep":"12288:MhYsgtCnomwWpr+XaE7rP4LqXa/2+8gVU8rvt649kOCtO5JfmXrcxif46:C3hnomdpr+X37rPBcVFztfCk5MXrcxEx","tlshash":"cae42384a24d851c759f08ef4132814c6dc9350d77f20906e86329ada95f7abefc7ab2","first_seen":"2026-01-08T18:47:47.230843Z","last_seen":"2026-01-08T18:47:47.230843Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2432,"timings":{"blocked":2282,"dns":0,"connect":0,"send":0,"wait":133,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WKJR4G6G","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtm.js?id=GTM-WKJR4G6G HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 18:47:12 GMT\r\nexpires: Thu, 08 Jan 2026 18:47:12 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 08 Jan 2026 18:12:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 131882\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":385195,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5340)","md5":"4c120c18098013bac921a431d2f79382","sha1":"2e8a97b50ebbd27987bf27e40307b5a8bd5b218e","sha256":"be612584c324aec7daca9565b5b474e56ca61c84c026d838ecc718388296db16","sha512":"42c9cafeb5f6b6af7b196cb79b312784908b931e3109c83fee3b90d74cd735da054b09c297a4459e4376d2c3b0dd6174b9732d30a099c82113b715f1b24a85de","ssdeep":"6144:9rVrf0o6qWro03izhJ3kc1/po7YAOTkx7gjQiTV4N:xyqLOi19xTkvN","tlshash":"a78429cdb3c6746693a3a478503f118ba57b6991f44cc895f186cce42e74aaa0237f7c","first_seen":"2026-01-08T18:47:47.231702Z","last_seen":"2026-01-08T18:47:47.231702Z","times_seen":1,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Content/Images/facebook.png?v=1","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Content/Images/facebook.png?v=1 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/ClubPromerica.css?v=2\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Nov 2024 03:40:28 GMT\r\nAccept-Ranges: bytes\r\nETag: \"09e1e70593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-1968207245\"\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nContent-Length: 1563\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127304155 2NNN RT(1767898030419 2069) q(0 0 0 -1) r(3 3) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1563,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, non-interlaced","md5":"440f0451a40fb4d3ade34547c02a070b","sha1":"6a1390d127802d6ba8539e1eb80e394cdaf3f0a0","sha256":"9d0246f4c0eb79c35367dd1e0ea3679ddafec8e637e868b772f7045f83b003b0","sha512":"8c3170f5b0ce5de5f1ba6188458c31d8d1f3cb61c5da7bbd7493a7c795ce11bb53efa60207a6f033fd14a50c43e607ff225c7b570e62ba9ab3de424f99f79cf7","ssdeep":"","tlshash":"bc31e7731abc6c7bc4586bd8897d15e72af4433048dc8ec9fa310f564d23b098429392","first_seen":"2026-01-08T18:47:47.232423Z","last_seen":"2026-04-13T00:21:38.96662Z","times_seen":8,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/styles.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/styles.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033d97a593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-886423763\"\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 8-14178468-14175398 2NYN RT(1767898030386 39) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":156523,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"35ec26e26fe16ab76ab6626def8220fa","sha1":"92bf88cab9e001da2e79a15d5c6c5de1884892be","sha256":"2acb128d7a2afb2a14ba44f1136066bb079bf79a51392523f654ac139ead9229","sha512":"c8e133c846ddad8588b011e18fc6e4418118c66aa1db9288534201c63b441ff90f1b802c0681249ca7360c415633fa3d620d5e8e10ba29821cc838976756ac4a","ssdeep":"768:Gcu+m6bE0LlVvx4GaCxL5qNF5U8L9JPuFECkTG3qxAiMQewiD09LX8my0O/8QCgg:GculLPc7wiD09LXu1/e3J7G+uvHu","tlshash":"1ae3525cc653114ba1378734abb21285ff1960339b438578badc72948fb90ba9672fcd","first_seen":"2026-01-08T18:47:47.233231Z","last_seen":"2026-04-13T00:21:38.955688Z","times_seen":8,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":22,"dns":1,"connect":8,"send":0,"wait":417,"receive":289,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/tables.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/tables.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 584\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127318668 2VNN RT(1767898030417 34) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1581,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"d35aa22a5cbf5fe5b6edd3145d81be3a","sha1":"55bbdae3a03614d15c714085960f92e2c4f88a57","sha256":"ea4b26c14f8fc005f6d2ac44957b493c06be141df8e119005e9c4bb5fd6262ed","sha512":"06f70b60b9d6a5f80bfb023e9c98bda7805a9516c44f76c4380e7fe1c64cc71a027e96da9664d1e1860176c4ed5d10f14096e2815964284109e7d7b7243f521d","ssdeep":"","tlshash":"a831112ef750204fb447e670b676a3efea3c1049ea5b08743098977443498d3dd32da6","first_seen":"2025-10-22T05:00:46.463588Z","last_seen":"2026-04-13T00:21:38.844204Z","times_seen":9,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":25,"dns":1,"connect":21,"send":0,"wait":429,"receive":1,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Scripts/ProductRibbons.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Scripts/ProductRibbons.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1021\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127319238 2VNN RT(1767898030419 1488) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":2383,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2232), with CRLF line terminators","md5":"19a299aef303bb834c4f923117236ca3","sha1":"58889eeadac240fdafc359ea928b6e75ed0825ac","sha256":"3639180e9fcc23f092494b476605c05609049de04b19b261cd413659b8285364","sha512":"4aadb0a68421c08db1ec9e785f0180bad72aef683de5a0a91a562c1a3f256f8a3f50852f1a6467b6c62f60932a84185bfe6b0cc2b240b9f6d60adf60360e0f5a","ssdeep":"","tlshash":"af41edcce2bc11a5809714f8705f25cabda2ac1e58e74dc5480bf14a1891e5ea338c9d","first_seen":"2023-03-14T06:03:28Z","last_seen":"2026-05-12T03:33:01.831203Z","times_seen":31,"resource_available":true,"data":null}},"time_used":1509,"timings":{"blocked":1384,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/destination?id=AW-10883915179\u0026cx=c\u0026gtm=4e6170","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/destination?id=AW-10883915179\u0026cx=c\u0026gtm=4e6170 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 18:47:12 GMT\r\nexpires: Thu, 08 Jan 2026 18:47:12 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 08 Jan 2026 18:12:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgsrsghrgc:72:0\r\nreport-to: {\"group\":\"ascgsrsghrgc:72:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 133528\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"85e4fdbbfceece7c37eb0a1b4dc20d30","sha1":"a6b951fb9e3b0b363d5b329436a47b79384c5b4d","sha256":"958b19dbbca0ee3641f009de7d4ea7abfd357b1d52e7b580ede0486df7ffc4a9","sha512":"aeb47090d915bdce471f2e82778f773161c7e1863b8053ed2cc6e6248cbab28d623275d687c9c827165ea8f0dd122879005cf3ced5e2067a562b68900dabf767","ssdeep":"6144:LrVrl0o6qWro03izhJ3kc1/po7YAOTkIzE6vajQiDv:fAqLOi19xTkIje","tlshash":"738429ce73c674269397a478403f018ba57b69e2b44cc895f189cce42e74a9a4277f7c","first_seen":"2026-01-08T18:47:47.23621Z","last_seen":"2026-01-08T18:47:47.23621Z","times_seen":1,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/regional/favicon.ico","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:55.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /regional/favicon.ico HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 1150\r\nContent-Type: image/x-icon\r\nContent-MD5: c7/ZTzGpHjWeYJaIc0WbUQ==\r\nLast-Modified: Fri, 22 Dec 2023 02:14:58 GMT\r\nETag: 0x8DC0293CBF6541D\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 9ea77c6f-a01e-0047-7acf-803e81000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:46:55 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"73bfd94f31a91e359e60968873459b51","sha1":"b05ff82b091d5be8f1a41108775b2fe1073aeeb0","sha256":"8e0186b2156c248726d60566ca848ace21fd914fad18b1418561f0075af790fb","sha512":"1e4c94de12c5e17ccb3eed07eded74ccb02d4fad9cc8fcaf75c573e3fa9acc01eb4852f2625405ef5c97c8475d3cebbb986a381a2a79d3e0ce07564b90101288","ssdeep":"","tlshash":"cc21c9c6b30df808e5561d32f1c03e19818d01279c281e35f964e8e62cb909ca696fe2","first_seen":"2026-01-08T18:47:47.236975Z","last_seen":"2026-04-13T00:21:38.970507Z","times_seen":10,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.142.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id= HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 18:47:10 GMT\r\nexpires: Thu, 08 Jan 2026 18:47:10 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 08 Jan 2026 18:12:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 74819\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":202243,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3463)","md5":"aee63d53f6560cccd649955e943ab4fd","sha1":"01b558b4828d0b07b4df191b31f971cfeccb2c2d","sha256":"587e0611b34f7527515dc68a2013ac6fd8a7f99ce3b8698301bb032252a0d0df","sha512":"192aeb65223125a66f78eff89e27dd80339c3a8268e69ed8d19520e338910f2f674396bf769075a72d56f80d2ba02ee52ad757622a6d17f540a2b28304b479ff","ssdeep":"3072:AVhadKE70MisCfW88CogQN6PTm6Sv6YqaphtnAm+6h06lbd4dlw5Eqt:ldV7m5oYnSv6Yq0tAn6h06td4nw5EI","tlshash":"371429c9b7ca706653d365b8503f010bb17a7992f84cc8d0e182d9d82e74aaa1277f7d","first_seen":"2026-01-08T18:47:47.237873Z","last_seen":"2026-01-08T18:47:47.237873Z","times_seen":1,"resource_available":true,"data":null}},"time_used":756,"timings":{"blocked":341,"dns":0,"connect":8,"send":0,"wait":19,"receive":15,"ssl":370},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/pagead/1p-conversion/10883915179/?random=1767898032552\u0026cv=11\u0026fst=1767898032552\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be6170z89178607596za20gzb9178607596zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115938465~115938468~116682877~116744867\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026ref=https%3A%2F%2Fwww.clubpromerica.com%2F\u0026label=e4ffCJO0jJ4aEKu77cUo\u0026frm=0\u0026tiba=Club%20Promerica\u0026bttype=purchase\u0026value=0\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=76622958.1767898032\u0026ec_mode=a\u0026_tu=CA\u0026gcl_ctr=1~0\u0026em=tv.1~em.wwU1Sdf-YHL5qdek9JGXNWTcl3VJ-9kpLKePGGQXJBQ\u0026gcp=1\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=7","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:20 GMT","end":"Wed, 25 Feb 2026 15:57:19 GMT"},"fingerprint":{"sha1":"13:5B:80:5A:23:15:61:AE:98:37:1B:0A:3C:F6:E2:BD:63:8E:3B:D6","sha256":"22:03:24:94:F7:E3:5F:66:1B:39:CE:18:75:20:3D:01:AC:FE:93:AA:1A:73:8C:D5:34:98:AB:2B:E5:19:37:12"}}},"request":{"raw":"GET /pagead/1p-conversion/10883915179/?random=1767898032552\u0026cv=11\u0026fst=1767898032552\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be6170z89178607596za20gzb9178607596zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115938465~115938468~116682877~116744867\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026ref=https%3A%2F%2Fwww.clubpromerica.com%2F\u0026label=e4ffCJO0jJ4aEKu77cUo\u0026frm=0\u0026tiba=Club%20Promerica\u0026bttype=purchase\u0026value=0\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=76622958.1767898032\u0026ec_mode=a\u0026_tu=CA\u0026gcl_ctr=1~0\u0026em=tv.1~em.wwU1Sdf-YHL5qdek9JGXNWTcl3VJ-9kpLKePGGQXJBQ\u0026gcp=1\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=7 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.clubpromerica.com/\r\nOrigin: https://www.clubpromerica.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Thu, 08 Jan 2026 18:47:12 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, must-revalidate\r\ncontent-type: application/json; charset=UTF-8\r\naccess-control-allow-origin: https://www.clubpromerica.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: gzip\r\nserver: cafe\r\ncontent-length: 997\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1541,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"ASCII text, with very long lines (1524)","md5":"cb7b6a6bd756cefaa5a2bc67c05b4c3f","sha1":"00a4d887e2532d0dbe1fa81f18dca46d4eeceacc","sha256":"9ec1b5f1f62d685b7449e4ebb2a49914e84a2ecf1b84b2fbe0e8656f750b1a68","sha512":"bb43f7a2c030e923b2c607494d577143aed8daac91dc527c0400a0476a532e9cd6955b6163c2259bbcc9ff23466882469be5bbb3730b4a3d25a60f01e3b8109b","ssdeep":"","tlshash":"b631b5e61e112f228ee3bd589ca06f026e867aff51798e8c34ac40e3191fb543578344","first_seen":"2026-01-08T18:47:47.238852Z","last_seen":"2026-01-08T18:47:47.238852Z","times_seen":1,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-08T18:46:53.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Mon, 22 Jul 2024 23:44:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a529e1291dcda1:0:dtagent10327251022105625IUWH\"\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\ntraceresponse: 00-0204a8f82442344b5487593871da80cd-7828fe8d058b8a8d-01\r\nx-dt-tracestate: d4751df5-dd6af23e@dt\r\nX-OneAgent-JS-Injection: true\r\nX-ruxit-JS-Agent: true\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-107151684\"\r\nDate: Thu, 08 Jan 2026 18:46:53 GMT\r\nSet-Cookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; Path=/; Domain=.clubpromerica.com\nvisid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; expires=Thu, 07 Jan 2027 23:56:34 GMT; HttpOnly; path=/; Domain=.clubpromerica.com; Secure; SameSite=None\nnlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; HttpOnly; path=/; Domain=.clubpromerica.com; Secure; SameSite=None\nincap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; path=/; Domain=.clubpromerica.com; Secure; SameSite=None\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 12-64928826-64928833 NNYN CT(104 222 0) RT(1767898014018 32) q(0 1 4 1) r(5 5) U12\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Dynatrace RUM","description":"Dynatrace RUM is a AI powered, full stack, automated real user monutoring platform built by Dynatrace.","website":"https://www.dynatrace.com/platform/real-user-monitoring","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["RUM"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"Dynatrace","description":"Dynatrace is a technology company that produces a software intelligence platform based on artificial intelligence to monitor and optimise application performance and development, IT infrastructure, and user experience for businesses and government agencies throughout the world.","website":"https://www.dynatrace.com","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["Analytics"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":7218,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (401), with CRLF line terminators","md5":"96cc93500e6cfc956adf812d75aac5dc","sha1":"b1c225845e746c04b3ae8adae2baf3a7c01062c5","sha256":"457060d3de52480f7a977011124578bbc104c57fccc69e3e39b7aa38dcb3e63d","sha512":"f033b00d43c00eb6e64da98ff5d59bcd7c8768217f8bc3a7518f67f27a8d6e655cb819139a6b72d7a2d9d8093669ac6e6e08ce3c9638d17c031d9cee934333bd","ssdeep":"192:5b5dK4BY40h3sCdj96QQO5ZKVmdiSigtU:5b3K4BCsC9QO56EiSigm","tlshash":"4ae1a61e4a011946a1739368efd3e64efb6180078241ca9dbfdc93158fb39989072fe8","first_seen":"2026-01-08T18:47:47.239768Z","last_seen":"2026-01-08T18:47:47.239768Z","times_seen":1,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":188,"dns":138,"connect":21,"send":0,"wait":460,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.MegaMenu/Scripts/MegaMenu.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.MegaMenu/Scripts/MegaMenu.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 665\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127318544 2VNN RT(1767898030426 1302) q(0 0 0 -1) r(3 3) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1660,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1514), with CRLF line terminators","md5":"6c95385523f669d5c1cf53aa586b1329","sha1":"5574e6487f1db63b14e6a41909a67fae7fbc712d","sha256":"49d5c99ef0648abf931ea3369358703d63226e208bf16a6c9a9c676cf3c63754","sha512":"18c6757eca45c0e2a9db235eb5b594e67cb58f1baffccb8fc5bda7129b13a658108da43c1ebb1c3225be4c789c23ec3571cc4032bdbca76da1ace85f7262543b","ssdeep":"","tlshash":"c231221c706471b238bb22bd72bbc40076636dbd86128158749ac3940b3eeb81273f5e","first_seen":"2025-06-25T06:02:02.700439Z","last_seen":"2026-04-13T00:21:38.839763Z","times_seen":10,"resource_available":true,"data":null}},"time_used":1534,"timings":{"blocked":1219,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/UtilsJs/utils-js.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/UtilsJs/utils-js.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 539\r\nContent-Encoding: gzip\r\nCache-Control: max-age=0\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nX-Iinfo: 12-64928826-0 0CNN RT(1767898014018 18361) q(0 -1 -1 -1) r(0 -1)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1940,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"d55eb1bea2a0023a39b61198d398c2f2","sha1":"f9edd19d68a67b18c359e0c3253d84edcd6d4d82","sha256":"b0bdbc9aa0406f5d7cf97dbfa42d766e16899ed1ee60d707ed4484b9311a6ea7","sha512":"cade20c89c1b5894374c8e40626eac5add63b6e5b7b713d4d1b7b0e56788888d5156afd51b961c55096068f1e7b2012ad631603c35fe0d95bf552fa107ba41cc","ssdeep":"","tlshash":"d9414a5b719226f486bb777f1b63864af83000ab88046200bcdc1e607fb4d5993b9fe0","first_seen":"2026-01-08T18:47:47.242091Z","last_seen":"2026-04-13T00:21:38.866753Z","times_seen":8,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/regional/clubpromericaregional.jpg?\u0026auto=compress\u0026cs=tinysrgb","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /regional/clubpromericaregional.jpg?\u0026auto=compress\u0026cs=tinysrgb HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 397925\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 18 Jun 2019 16:56:14 GMT\r\nETag: 0x8D6F40DDFAE20CA\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: c6382cb1-a01e-00b3-7ccf-80f577000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:46:54 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":397925,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3","md5":"c8c318dc4701dd40441a6b0cf51a5482","sha1":"bcc72eb4303d455cc279b09005cebc31de823690","sha256":"48b7f34f469f6e71ab405baedc25d7fcaf5ca25a0f847b4a8da0e58790b2618e","sha512":"4ea02dad2537bd67398a440c8e12727a2a229b9df7851bde7adf9f98707aad9d1d39f2d9c5ca0b21e4b327939e676119643659bc026a40cc2c5eee3066d2b200","ssdeep":"12288:mentpH71fRru9pXRVUodnJlCwQX205PZR0dFBp:mentpH7ruvfJo9X20J4dF3","tlshash":"fa8423e6548acfe272aa2bd934d2177bb54ec8239883c45dc483674530db41c7d7ea78","first_seen":"2026-01-08T18:47:47.243115Z","last_seen":"2026-01-23T20:15:24.205091Z","times_seen":3,"resource_available":false,"data":null}},"time_used":987,"timings":{"blocked":204,"dns":1,"connect":92,"send":0,"wait":111,"receive":466,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunitosans/v19/pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzHGAVFIF2w.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:55.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/nunitosans/v19/pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzHGAVFIF2w.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.clubpromerica.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 49580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 08 Jan 2026 16:33:18 GMT\r\nexpires: Fri, 08 Jan 2027 16:33:18 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 13:31:20 GMT\r\ncontent-type: font/woff2\r\nage: 8017\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 49580, version 1.0","md5":"700f45bd8200afec6e792096b626f88c","sha1":"d5deafd7f3bf1d1e81c457ed33e4bfcae9491332","sha256":"b8649c5603466af5eac426de0f7949e40cc3d7fab35f0d7db0a756a61028231d","sha512":"4e04907d7700e7b1d5e4c7e755a99fd27970322cef9235de1e038f9ed8e46eb17b368566aba13752c70008877d11db282454024c1405646d6d713244f045e8b6","ssdeep":"1536:yVdrD5lVFgypda4uI+pU3LNCb/h+39uwdT:Wrl5TpgxZa3JCb/Qow5","tlshash":"7b230290baa4b4e45b7abf3776e350b4740cc2f9b89901ac54aca39bbd71034e191c02","first_seen":"2025-09-17T07:38:58.307435Z","last_seen":"2026-06-10T17:34:13.691044Z","times_seen":2069,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/public.ajaxcart.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/public.ajaxcart.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 827\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 12-64928826-64925927 2VNN RT(1767898014018 17544) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3988,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"5d787f7c98695151b3806cf1527a6b95","sha1":"2986bb30d4da14530b6dfcb24ff80e3620df2d5f","sha256":"93d64eeb84b1989afe8f13add9a8e4921daa3db2ef6b24cee5fad5dec097ad69","sha512":"21e2673176701964cbf23a440edd415d395395da337a3cfb4ee39892c7be255c49352ad783a87c081910848b1db66f3aef4527ff323a4d90c62c3af059e7f3c3","ssdeep":"","tlshash":"4781e08e221518badbf772bb9e071986f733825b1603855bbcbd40d02f31654a362e7d","first_seen":"2023-03-10T08:07:40Z","last_seen":"2026-06-09T19:56:01.865397Z","times_seen":69,"resource_available":true,"data":null}},"time_used":1191,"timings":{"blocked":1069,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.SmartProductCollections/Scripts/Products.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.SmartProductCollections/Scripts/Products.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0d97678593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"1662768206\"\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 8-14178468-14175398 2NYN RT(1767898030386 1165) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"bef77a8de77e8da6b61b177618c5b69b","sha1":"0a0b168af2482c96c5d95e06ae52f5f317f5ce4b","sha256":"b719b4495175fa4362bcfda0794e6469dd73bb4b365a238a72eb8e5dd0f297e5","sha512":"86d3d59b041474258d300304f88355adf86640af309e4f541e45d4696cb6c741d50f9ccc23061c63fbde34cdcf182ee34c600672380c86e98b852e6ebdd3aea1","ssdeep":"96:TBvUFNHAlVXtd5sk2x/apC6/P8Q4knjHVrBkrllkm:tCBOdd5skI/H6/P8Q4kjHVrBElkm","tlshash":"99a1c94df27a34e35077b272551ba244fa302db39961898238fe95f40f398a12631f2f","first_seen":"2026-01-08T18:47:47.244725Z","last_seen":"2026-04-13T00:21:38.852063Z","times_seen":8,"resource_available":true,"data":null}},"time_used":1185,"timings":{"blocked":1069,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0008792_ingreso-a-lounge-casa-del-ron_635.jpeg","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0008792_ingreso-a-lounge-casa-del-ron_635.jpeg HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 69977\r\nContent-Type: image/jpeg\r\nContent-MD5: 13EvVgCyI6fcTm2i+VYPfg==\r\nLast-Modified: Tue, 02 Dec 2025 22:19:31 GMT\r\nETag: 0x8DE31F0DDA3BDA1\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 5f72669d-c01e-00d7-11cf-8004ef000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":69977,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 635x635, components 3","md5":"d7712f5600b223a7dc4e6da2f9560f7e","sha1":"ad5a684e9d3d909662c104d7a6f39f081f1f185c","sha256":"4597bc9f07929a84c5f452134ddd979303f9f0a8d2b38d1db489ffa7ad6bae83","sha512":"a11595eb2c57238f3716b92c3c6e0aa9ef546d55f80538e1c8e571c74d44554344b8e31b6a627cb81cfcbad95a96feaf799e12a9b9c850c5319cf83f5782da06","ssdeep":"1536:X0NdRf0qxbOUX9BWU9NVxpPschMTMD7eUPLck0Ri1XDasAOaNUpDwGC/Um:ENdRfzN/91pPPeUPoH4ashaADw0m","tlshash":"996302bb3a69dc1638be1d26b45293904781d7a6b1fa790128c3411df25c5ce8afdac8","first_seen":"2026-01-08T18:47:47.245963Z","last_seen":"2026-01-08T18:47:47.245963Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2126,"timings":{"blocked":1596,"dns":0,"connect":100,"send":0,"wait":105,"receive":192,"ssl":133},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/720.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/720.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 3227\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88451775 2VNN RT(1767898014715 15732) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":15353,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"64d0c41ea00d366b5a4733a1e446ade2","sha1":"e12e3a0342dd640638a9fe9926ca8c5f8f1194df","sha256":"cf78a717418c9e949f5fc52516c7220b5a3b04ba0ebe8778a961f5e8fab113c3","sha512":"a9d49b3c6961624f58249675964cffbb9afdf74a65a5469d1bcc26faa56928053efac934678801013c46b3436246b91e0b16275e73eed60d38d359243bdcd169","ssdeep":"384:iwU3eu1YsPNdlTUosJ9n07mGESBP1MIYclsQIJoRlosfJDVRJtpJ1a5k0YsxN/aN:iwU3eGRPNdlTUosJ9n0iGESBP1MIYcGU","tlshash":"846251c886a0368df70797297bf153557d0db0f0af5f0abca42952a8e3875a51a331cb","first_seen":"2026-01-08T18:47:47.247429Z","last_seen":"2026-04-13T00:21:38.950451Z","times_seen":8,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/loading.gif","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/loading.gif HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/styles.css\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: image/gif\r\nContent-Length: 21055\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127294725 2VNN RT(1767898030419 1775) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":21055,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 70 x 70","md5":"72aac3330743d2d1816ca55d621438a1","sha1":"69f174ba313ece877b643e336fbb866a602e3b23","sha256":"a5afe25c7781f6dc80b148723fe7baa41922211e1af2ca9825d5a8e1fd14c85c","sha512":"1e2d8147c9c915a3611ac8cb993a081cac43a3a0cca0a5c771dd393cdb1ed9a12ad53c470a87219a1b1d5771b5854dc2262c9886bb846c6a53e79e970f288e7b","ssdeep":"384:gM+FhNeTT/b4nIhCbN/h4qxq9TshTfxmDK:qS/bnCbOa8u","tlshash":"b892bf64d7b47e92d92ad9fc4c3f924dccf025c48d76c4aa7012c429de146a64fed3a2","first_seen":"2025-09-12T13:38:27.329964Z","last_seen":"2026-06-06T06:49:15.83842Z","times_seen":13,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":124,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Element/Content/nivo/loader.gif","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Element/Content/nivo/loader.gif HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Element/Content/nivo/nivo.css\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/gif\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ac4577593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-2133308009\"\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nContent-Length: 21055\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 12-64928826-64927862 2NNN RT(1767898014018 18461) q(0 0 0 -1) r(2 2) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":21055,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 70 x 70","md5":"72aac3330743d2d1816ca55d621438a1","sha1":"69f174ba313ece877b643e336fbb866a602e3b23","sha256":"a5afe25c7781f6dc80b148723fe7baa41922211e1af2ca9825d5a8e1fd14c85c","sha512":"1e2d8147c9c915a3611ac8cb993a081cac43a3a0cca0a5c771dd393cdb1ed9a12ad53c470a87219a1b1d5771b5854dc2262c9886bb846c6a53e79e970f288e7b","ssdeep":"384:gM+FhNeTT/b4nIhCbN/h4qxq9TshTfxmDK:qS/bnCbOa8u","tlshash":"b892bf64d7b47e92d92ad9fc4c3f924dccf025c48d76c4aa7012c429de146a64fed3a2","first_seen":"2025-09-12T13:38:27.329964Z","last_seen":"2026-06-06T06:49:15.83842Z","times_seen":13,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":218,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/header-navigation-sprite-grey.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/header-navigation-sprite-grey.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/1000.css\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033d97a593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"2059314245\"\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nContent-Length: 4817\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175398 2NNN RT(1767898030386 2246) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":4817,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 50, 8-bit/color RGBA, non-interlaced","md5":"d13ea8b95b6844c280aed9be130a9116","sha1":"88bedb280eaf0af4d853c38a282e6703715b63db","sha256":"ee5e20a359f781007fe88a1adf6555c93b14a5b16217f67c39cd7e55a474ee64","sha512":"eb133655a74451c809db4c5ecb478d01ceac5e710cab3ca51d52bcbe3dc5cbdf4f6ce4ce07de9c9e8360d8241c718acb685d9d18e2c0498bf587cdb008a22461","ssdeep":"96:BcynuqpZxXHkSK1kE2Yrco73tQNsOY9ixcnKxzsQ8etvyCRKkbzsafc:LxvxXHyz2YwsrhocnKOQ8etvFIklE","tlshash":"f2a18ea3d2719697c9e769387252e294dc820afb4612a295cc7134929f028f6f71b11f","first_seen":"2026-01-08T18:47:47.251574Z","last_seen":"2026-04-13T00:21:38.85152Z","times_seen":8,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":109,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"googleads.g.doubleclick.net/pagead/viewthroughconversion/10883915179/?random=1767898032552\u0026cv=11\u0026fst=1767898032552\u0026fmt=3\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be6170z89178607596za20gzb9178607596zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115938465~115938468~116682877~116744867\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026ref=https%3A%2F%2Fwww.clubpromerica.com%2F\u0026label=e4ffCJO0jJ4aEKu77cUo\u0026frm=0\u0026tiba=Club%20Promerica\u0026bttype=purchase\u0026value=0\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=76622958.1767898032\u0026ec_mode=a\u0026_tu=CA\u0026gcl_ctr=1~0\u0026em=tv.1~em.wwU1Sdf-YHL5qdek9JGXNWTcl3VJ-9kpLKePGGQXJBQ\u0026gcp=1\u0026ct_cookie_present=1","fqdn":"googleads.g.doubleclick.net","domain":"doubleclick.net","tld":"net"},"ip":{"addr":"142.250.74.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.g.doubleclick.net","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:25 GMT","end":"Wed, 25 Feb 2026 15:49:24 GMT"},"fingerprint":{"sha1":"91:C9:D2:96:3C:37:B7:AA:92:08:CB:D8:91:FB:4B:EC:F0:31:EE:14","sha256":"F9:FB:99:62:9D:67:65:04:DE:83:94:21:A9:3D:E7:BF:DB:C8:AF:30:5A:64:53:01:12:4A:34:94:55:B4:42:2A"}}},"request":{"raw":"GET /pagead/viewthroughconversion/10883915179/?random=1767898032552\u0026cv=11\u0026fst=1767898032552\u0026fmt=3\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be6170z89178607596za20gzb9178607596zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115938465~115938468~116682877~116744867\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026ref=https%3A%2F%2Fwww.clubpromerica.com%2F\u0026label=e4ffCJO0jJ4aEKu77cUo\u0026frm=0\u0026tiba=Club%20Promerica\u0026bttype=purchase\u0026value=0\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=76622958.1767898032\u0026ec_mode=a\u0026_tu=CA\u0026gcl_ctr=1~0\u0026em=tv.1~em.wwU1Sdf-YHL5qdek9JGXNWTcl3VJ-9kpLKePGGQXJBQ\u0026gcp=1\u0026ct_cookie_present=1 HTTP/1.1\r\nHost: googleads.g.doubleclick.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml\", CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Thu, 08 Jan 2026 18:47:12 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nset-cookie: test_cookie=CheckForPermission; expires=Thu, 08-Jan-2026 19:02:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-11T01:58:33.19137Z","times_seen":944807,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":67,"dns":1,"connect":8,"send":0,"wait":44,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/regional/loading.gif","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /regional/loading.gif HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 21055\r\nContent-Type: image/gif\r\nContent-MD5: cqrDMwdD0tGBbKVdYhQ4oQ==\r\nLast-Modified: Fri, 22 Dec 2023 02:14:58 GMT\r\nETag: 0x8DC0293CBF62D14\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 9ea77be0-a01e-0047-6ecf-803e81000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:46:54 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":21055,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 70 x 70","md5":"72aac3330743d2d1816ca55d621438a1","sha1":"69f174ba313ece877b643e336fbb866a602e3b23","sha256":"a5afe25c7781f6dc80b148723fe7baa41922211e1af2ca9825d5a8e1fd14c85c","sha512":"1e2d8147c9c915a3611ac8cb993a081cac43a3a0cca0a5c771dd393cdb1ed9a12ad53c470a87219a1b1d5771b5854dc2262c9886bb846c6a53e79e970f288e7b","ssdeep":"384:gM+FhNeTT/b4nIhCbN/h4qxq9TshTfxmDK:qS/bnCbOa8u","tlshash":"b892bf64d7b47e92d92ad9fc4c3f924dccf025c48d76c4aa7012c429de146a64fed3a2","first_seen":"2025-09-12T13:38:27.329964Z","last_seen":"2026-06-06T06:49:15.83842Z","times_seen":13,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":81,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Element/Content/nivo/nivo.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Themes/Element/Content/nivo/nivo.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0ac4577593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nContent-Type: text/css\r\nContent-Length: 902\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127318668 2VNN RT(1767898030419 717) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":2497,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"bfbdbd69c710bb8a769e7dcb1fc2e087","sha1":"33c7a425b5681d64951026e00c29453be4042e69","sha256":"04e7230953c31e4be43a620b110f1ca2be6387be926047c8e0a0efafa4b63a26","sha512":"6a65dcb260ed14f5381adda79e3de522416e7341465d5d79e8a2f9be998c65648343a3afb41b2fe1ea88fcadf75ff51605ea71eb67e8bcb19025d4257038be34","ssdeep":"","tlshash":"5d51de7da780324a61e3f36833b19b018dac94a3bb0f4fbcb5d9391753590855e27ac5","first_seen":"2026-01-08T18:47:47.253157Z","last_seen":"2026-04-13T00:21:38.887259Z","times_seen":8,"resource_available":false,"data":null}},"time_used":799,"timings":{"blocked":680,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0008511.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0008511.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 1556435\r\nContent-Type: image/png\r\nContent-MD5: ruxziPblA9j/nPmpO6RUPw==\r\nLast-Modified: Thu, 06 Nov 2025 06:50:46 GMT\r\nETag: 0x8DE1D00D0261999\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: c6384f30-a01e-00b3-17cf-80f577000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":1556435,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 820, 8-bit/color RGBA, non-interlaced","md5":"96029617d0047b57c860ff95a463c8e3","sha1":"20e5d21659ffb853b000fb23d61a80aa55dfd6e7","sha256":"2b9ea721042523d841be9c3effb43f7ac75b4c89bd6978eef5b59be4ba0e99e6","sha512":"065d3fd99fbff1207dd19aa107424251406c4d48efd07675d064facb3eccb8fe765adc11e34b6e9ca71ef193c288c48e1b6616a83f256fbaeec6a4b91f45b3c9","ssdeep":"24576:nrH2QrXDBwZptHInLfiSUWwfBag1VYtCtZrq:rH2uXD+ftHInr4dVucW","tlshash":"9e25339871be9fb08d1f0d198669ec17841f573964f6db0408dde65ab90ef29c08ee32","first_seen":"2026-01-08T18:47:47.2542Z","last_seen":"2026-01-08T18:47:47.2542Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2289,"timings":{"blocked":1940,"dns":0,"connect":0,"send":0,"wait":134,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.InstantSearch/Themes/Element/Content/InstantSearch.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.InstantSearch/Themes/Element/Content/InstantSearch.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0d97678593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-734101477\"\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 14-127319190-127303957 2NYN RT(1767898030426 491) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":4482,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"468d37c71c45d83bc43c3579af4b6678","sha1":"2851fb83d7fff543c2a18f23a638739ca6c733cc","sha256":"73ffc9c194e950e04bc15c016fb6e97b0d9be778e2d84661addbd64946ca235d","sha512":"43d3b65dc5c694c04ca692315dcbc7b96db84ebb2cc17a8b33583b3ab2a66c228f4bb06afdf2bb94e001b376ffed71a0193e43d06b3b4a808bc847d5aecc5312","ssdeep":"96:qRJJKuWhz6d2edxtbWcN2fnIQx1DrCKvKf+wNjsKVtioswVpI:qfJYg/VKm2fLBKf+OiKm","tlshash":"3491dd7e9595200e762eab65b7b63b39bf4c00b4af070279b4fe7264824786715333c6","first_seen":"2025-10-22T05:00:47.268026Z","last_seen":"2026-04-13T00:21:38.888186Z","times_seen":9,"resource_available":false,"data":null}},"time_used":896,"timings":{"blocked":464,"dns":0,"connect":0,"send":0,"wait":432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Scripts/nivo/jquery.nivo.slider.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Scripts/nivo/jquery.nivo.slider.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ac4577593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"1156684142\"\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 8-14178468-14175398 2NYN RT(1767898030386 1390) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":30318,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (386), with CRLF line terminators","md5":"40e45ecb07eda8ef6c157ab6970f9df4","sha1":"bef36c2e27521277ef66bf3893ee1f513785d4ff","sha256":"d05c6a9d5d907f8191e106b8eff806c801d996b0997ac3a091f18cb4374fcfc9","sha512":"4c23fa1bfe32b4cacc95a337a51a2d99d2564b5627b804d712adb286faf3d2f6f24bf2229aa4ba63d5a959820b6b4d7c151a013405174815b1e24e632d476e5d","ssdeep":"192:TgM/zDfBzxP+sJzRDIBOdSUbv4YcFNYcZ3yOiekKjoH1VrqjoHqVrc5ap7jacCTH:0M/P+0zE1NWMVoIxf2Ztat8VveCrR5","tlshash":"5ed2200eb16119a5d9f2327abf2e8908debb52131512cb34bcfc024d5fb50849667fe9","first_seen":"2023-03-12T23:34:05Z","last_seen":"2026-06-04T16:53:24.582577Z","times_seen":32,"resource_available":true,"data":null}},"time_used":1393,"timings":{"blocked":1277,"dns":0,"connect":0,"send":0,"wait":111,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0000733.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0000733.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 4658\r\nContent-Type: image/png\r\nContent-MD5: 7UxhLJTJZ/jj9op4E6xTgw==\r\nLast-Modified: Wed, 17 Jul 2019 15:11:41 GMT\r\nETag: 0x8D70AC9127FAF1D\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: c6384e7e-a01e-00b3-6fcf-80f577000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":4658,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 80, 8-bit/color RGBA, non-interlaced","md5":"ed4c612c94c967f8e3f68a7813ac5383","sha1":"23417e351c6be6a8082a7c648c6295bdd3ae5cff","sha256":"5da63449067579cd4ceafa83a3259ee1f861d273ea59586c8822b6a742217d8e","sha512":"6d2c9b9e52f3531d0e573b7c427cb7300ffd8ab76ecd1317f91de533e6810b124aecff607736411d6f4c260d87ffe48559493f29e5387269b9407979d75eaa6c","ssdeep":"96:qR52my5rZwtbptPnPt9khC9ru077Me8U2NP1Q1U2F:qRsN1kbptHt9gkb77D8U2zQn","tlshash":"97a17ce887baf142ee2b9a7203662faba5d71ac451d223b6f9c8580d4518fb04004aa1","first_seen":"2026-01-08T18:47:47.257397Z","last_seen":"2026-04-13T00:21:38.834977Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1772,"timings":{"blocked":1672,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0007702_15-de-descuento-en-lili-pink_635.jpeg","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0007702_15-de-descuento-en-lili-pink_635.jpeg HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 46339\r\nContent-Type: image/jpeg\r\nContent-MD5: imB776Pb5m4OGENQ0aiOnw==\r\nLast-Modified: Wed, 11 Jun 2025 01:12:00 GMT\r\nETag: 0x8DDA884F7EDC371\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: c6384eab-a01e-00b3-1acf-80f577000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":46339,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 635x635, components 3","md5":"8a607befa3dbe66e0e184350d1a88e9f","sha1":"c34d65de141caf0076d1fb72d4fc09eff7e5429d","sha256":"f1e909f62fc89bb5817c7ec961d2f29b33ca65f3dd9aa438c4eb8dcbf0c77271","sha512":"5972f96849b4e113e032fa33085b4682fd9949b285570152ac132278d0017b8bf80e9441e22d0d1eb3c52f6f800e3a6a16cb4823b39d27bb246f11cfd9e73bfb","ssdeep":"768:XRGzLLrMMdzd95sBpzyj73rHAStCTnM8SY/9qBiGCxK8EpIt2y9wdA7hfa:XRG3xL5sBV646CTZSo4BiGCxdEpItt2h","tlshash":"c523010bca14883397707d7965da1cc8404997b923853bf9263b3f522f5f9b5248f2a7","first_seen":"2026-01-08T18:47:47.258323Z","last_seen":"2026-01-08T18:47:47.258323Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1667,"timings":{"blocked":1564,"dns":0,"connect":0,"send":0,"wait":101,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/regional/clubpromericalogo.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /regional/clubpromericalogo.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 6451\r\nContent-Type: image/png\r\nLast-Modified: Tue, 18 Jun 2019 16:56:19 GMT\r\nETag: 0x8D6F40DE2EAA753\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 9ea77ba5-a01e-0047-39cf-803e81000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:46:54 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":6451,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 619 x 108, 8-bit/color RGBA, non-interlaced","md5":"90ef2eb11a1b5bf3458a54e87aac71d1","sha1":"4c000098d0ee029940694cc02deb2657e53cf95b","sha256":"403c3f8976c4797641d4d8b284174b22d9fd0795ff90c9738c8643d5a0e527c0","sha512":"05166b754f43799208d381a109646ba6aadcf8455b661d03843f9922180eed34d7d151c5af02dad42de8f31d213727e94675d08faa3ef201b8a083ca064e9a55","ssdeep":"192:lSUCrRZNCATfcXrRB+/9NwKFFjLVwKtVOjtDAfrP3U0IH+2+a/:E5rRnX0ylFd5woOjtDG3UbHP+G","tlshash":"e9d19f45c583a398c81913f04ace5d80d535e871d6d3eaa556b7e89c1c4cf31b0d5eed","first_seen":"2026-01-08T18:47:47.259314Z","last_seen":"2026-01-23T20:15:24.200412Z","times_seen":3,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":257,"dns":59,"connect":96,"send":0,"wait":102,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Themes/Element/Content/Ribbons.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Themes/Element/Content/Ribbons.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 444\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127319238 2VNN RT(1767898030417 728) q(0 0 0 -1) r(0 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1021,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"e326def7b2049d5cf1995ad8669b5b5e","sha1":"6e82557ee031a5153885454da6c240eff206642b","sha256":"ca8b9a749bf81f9b0c7e7649fc947718d01295deac9a9f8feeb405babe938782","sha512":"4d17a5044748ff13812d693992b61baea56e1f77935584ab077ce1db46c8521b59aa6011651e3ae654cff9c349d6e13b604159e231af3765b08e7bb4f6da57d9","ssdeep":"","tlshash":"9a11af889939b64a1303f37df3b41259ff14b0f0ff6f8099b285914ba7480644731c4a","first_seen":"2026-01-08T18:47:47.260258Z","last_seen":"2026-04-13T00:21:38.837454Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1101,"timings":{"blocked":679,"dns":0,"connect":0,"send":0,"wait":422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/SevenSpikesExtensions.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Core/Scripts/SevenSpikesExtensions.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0ac4577593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 4033\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127319238 2VNN RT(1767898030417 1297) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13642,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13634), with no line terminators","md5":"42b7b45918c98621d58101ffdf23b129","sha1":"3edd16e64b167005fa8d6ae3465b72a4255cccd3","sha256":"60115c0285de95078e8bb36ed0de24f38bd86b45e9b1cef3c7815767a06526d9","sha512":"0657bf70089ef3329903930e1aea31317f5c9e3d3057506dff164ad2e6aeaf1461b796a2b64a940d0b52f0440bd520dde45e97b5b26d6c2f5da25f31e51048d7","ssdeep":"384:Use8S/w0+ApWoi2DP28GgVYdZz41Ud7y1T4L:7Hsw0+ApWoi2DPTNVqZz4+lyUL","tlshash":"2752b4487111353445ff51bef02f1406b2337e6bca0a4891a56c8e5e0badd6aa273f6f","first_seen":"2025-06-25T06:02:02.71689Z","last_seen":"2026-05-12T03:33:01.944639Z","times_seen":12,"resource_available":true,"data":null}},"time_used":1330,"timings":{"blocked":1207,"dns":0,"connect":0,"send":0,"wait":122,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0009240_hasta-50-de-descuento-en-baby-fresh_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0009240_hasta-50-de-descuento-en-baby-fresh_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 580447\r\nContent-Type: image/png\r\nContent-MD5: Um8PRwfp2qiKVLnL2BCUog==\r\nLast-Modified: Thu, 01 Jan 2026 20:21:02 GMT\r\nETag: 0x8DE497348CF3CA5\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 5f7266fc-c01e-00d7-66cf-8004ef000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":580447,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"526f0f4707e9daa88a54b9cbd81094a2","sha1":"05c0b66ee6f42a7f275eca812ec1a7baeeec8da6","sha256":"703f6d41928dfbf8fd22b610ea8237d07cdd86dcc4dd8d5f09ef9e41a5bab7b7","sha512":"429b08c9d07cfdeb32af791ac31785f6d9add6804662badfbcf0b99d1071848c181a98cac193028432632d9e60dfab55c8c4b8e260e78cd0f018d180c6ad627d","ssdeep":"12288:ABh0WMqxWs9fVmp1sAuhvs/Og/fUFRynk0f4ur6kqSj8F:ih0Pyf2shyfUC1r3p4F","tlshash":"35c423562d84c87f78edf1863d8ef26cda64245ff57c936cb30ae41441e22aa911cf68","first_seen":"2026-01-08T18:47:47.261961Z","last_seen":"2026-01-08T18:47:47.261961Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2599,"timings":{"blocked":2155,"dns":0,"connect":0,"send":0,"wait":137,"receive":307,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0008499_2x1-en-platos-seleccionados-en-tre-fratelli_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0008499_2x1-en-platos-seleccionados-en-tre-fratelli_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 980240\r\nContent-Type: image/png\r\nContent-MD5: 77+6Epb6q5rdsGYIZKkQ6w==\r\nLast-Modified: Thu, 06 Nov 2025 04:58:00 GMT\r\nETag: 0x8DE1CF10F6B1F48\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 61b44a46-801e-0022-48cf-8090c5000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":980240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"efbfba1296faab9addb0660864a910eb","sha1":"c3d46d1da7b6d97a0f6e5f3bd2b4b95db6329248","sha256":"b40eb240ea18ada1328744a79d57aebcad86faace4c05179cd158bccba5f23d1","sha512":"8764cfb66aa1f376558a799be604c46e66563cda7669b896527cee926875a0c250596eefa73c85b586d0c023fde19a362eca1f6e4968e55fd63afab06c611ee5","ssdeep":"24576:T95wDCN46aRJTf0C/ewkFvD/C75BFY1Cn5OsliA4LbLaXvBv:TDwDCipRdcC/mFve75UcnZliPbABv","tlshash":"562523db97361327d3aad3c3aa00cfacd8e2658be864cd500f985d8d00b55d56a4edb3","first_seen":"2026-01-08T18:47:47.262924Z","last_seen":"2026-01-08T18:47:47.262924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2495,"timings":{"blocked":1559,"dns":0,"connect":92,"send":0,"wait":132,"receive":572,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.SmartProductCollections/Themes/Element/Content/images/loader.gif","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.SmartProductCollections/Themes/Element/Content/images/loader.gif HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: image/gif\r\nContent-Length: 21055\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127318849 2VNN RT(1767898030419 2386) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":21055,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 70 x 70","md5":"72aac3330743d2d1816ca55d621438a1","sha1":"69f174ba313ece877b643e336fbb866a602e3b23","sha256":"a5afe25c7781f6dc80b148723fe7baa41922211e1af2ca9825d5a8e1fd14c85c","sha512":"1e2d8147c9c915a3611ac8cb993a081cac43a3a0cca0a5c771dd393cdb1ed9a12ad53c470a87219a1b1d5771b5854dc2262c9886bb846c6a53e79e970f288e7b","ssdeep":"384:gM+FhNeTT/b4nIhCbN/h4qxq9TshTfxmDK:qS/bnCbOa8u","tlshash":"b892bf64d7b47e92d92ad9fc4c3f924dccf025c48d76c4aa7012c429de146a64fed3a2","first_seen":"2025-09-12T13:38:27.329964Z","last_seen":"2026-06-06T06:49:15.83842Z","times_seen":13,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":168,"dns":0,"connect":0,"send":0,"wait":125,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Styles/nivo/nivo-slider.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Styles/nivo/nivo-slider.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ac4577593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"1991914929\"\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 14-127319187-127299931 2NYN RT(1767898030417 601) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":2490,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"d68dd0b4042cbc36523d1a1fe4d6d782","sha1":"6d9f5cb16a552bf5c3882de8adf72dabfa9af288","sha256":"8db8026ddecf275c75c1fee18e71161b6951b6038d1b7d0e8203ef2539209a59","sha512":"ffec40e597b931d799757fac716e782db5163834de94890574fd7dd8b27f3f725e80fb18148268f980da65fb3378c0c4f8e17a6b18da043dbba207c4b64488d7","ssdeep":"","tlshash":"a551212e9201124152f3e3b47fd7475de87940a76b02009cbae496928fbb2d99972ee0","first_seen":"2023-06-13T21:49:09Z","last_seen":"2026-06-02T18:03:52.187596Z","times_seen":48,"resource_available":false,"data":null}},"time_used":691,"timings":{"blocked":560,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-08T18:47:00.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; ___utmvc=60f3CLHZuLBDKMcE+6Bty7gdWUvtUeVJsIk3H5s23kT9ZWwz0QTiZ2jkoMqFG9vG3ig5upt9KaW6x5+WtDM38FnKDZ+d1DtalpQ4sU4NMWyUOMqyjrpcV/zgFJmhUb3d9pnyZsBj3g7jBPspi5BQK3QK5PUIy75zByEzaPsH6fDrUR/7GxiQT5zu5/yfTY0O4GCith89OejKymbu9d18HbQzrHsKGturcKyl7PMuHHMxPiRRFU3mHBqqobeThyFRu2BZsh0pWnoo4fR40nMupOyY5fAJ1GsOtlYSijh5rJvhoGj62PP7VSuZpeD5nSeDboMRpb6JJODTbV2X1SrN/+upi+TxA2IK9MwH0qr6Xm+vsYwrmHAXPC5GtJVERHu69sGa5hEikfzv33KcfxaDq/5UteJOQwul6EJ0sZmURO9J+y9F4V07LvS1mZt17x1sIz9joSdjFsBxDAhFp5Lw5IOxuDMi8PvR9NYDhoMLiGrVJcUXXPVDgKD0xLoH1/1PasUIZoNtwVrkU0gz8Fw2/2kaj3+4JgrwCdFk/E0r2fO0QCwiV9xmiQK3sf94F4hCRpCZt/yD8r+ZBFBF+BR347pkq/zFNV2cC0acPxEhdjgs+mO9KAMna6QUHj1ACK2CW4hRnOMVHG+BQ0SMI+I8aNpw3M49qKiIaqnbwRmvUUIQ+kkETfP8kdihkZKmrPaukbF/sm5b+4KWfMn8Yy5H/kBxfIR/TrvxtJfmCyk68r2nQptOX5IssA4bQyHAjXHHgekn7T2TZHbTlCaVhC/6pQd4ddTQeNEVk3Y01p1ajXKUddJkY6USy4d+Y/RPhq3R4MHp4jzcZHV0KMN8ezYcOpvUEx9PKD4EOAHmxujzDCt1Spf9aOPWhA7IIwXHvKZK6p0X8OHZUfNg9CCeIwt1KsbPu4W4jsROx43la0+njOWQ8VFufCRQo927PbfFlXhFHembjKH/+5NYF4MMhL5qyfux6g2lqDLiy0rHke6xvJZzWIS+FDLf+ufDbl6n1bVylmNMeF2O5gMGNw0EAuIthXb9i1NYZTXADZI0QR7y24SZbZirl68NmazPrz1cYpd1beoSGwr0aV2ODf8T01VjrNnCYN8o+012Ae9WdkeAHRRV7kJBuoNf2O5pvn5UGVyL0WuDYRI9W3jXR7Fj3o4XjX+YQq25OTcm1za1QojylwuSOJ2oQX0bjwZSCkcVYVo8+ogZvUNUmYlkihiSPRO0pVfhPtYRgGTv12EtceSOgox4hq64qehSDrVY2SKTIELcocViBxwMCdohnwxa1Hkf6Z/rlfiFVAclWEG1ugkHyPHjYW8oerPzkP8ipYVvsWUd2K02Hwva6UZ064OwSvgT5FpXedUSAMK71SzAk66iiSQoL8CatCHbQVTPBmlEwcctE6a/SC5tpgvsTJ/hmSzvb5GztpsrxxqhGyU3zQ2VuouUh9VlI3ScpE+lgC7NngzbDM5AGzJMYg4b1byr60Hjrmu5dRP43Vxl2Sv15fBVxpZnfbiJ0j6i98Walg5LzgBUyMNB3MGqqqyS2IoLCWfNXq0f8OJ93pATaqtn8edUL2W1JXhaeyaYa4F7KPjiQy7+ra2qAAwSkfNSYkY7gsZ+I0gSh8b9dmi6IfDE75WjPkmRP1bwhLyly8slVHHW3ZpJucyk1qTix1WKb4dssEazhzKUgh9ZXJEGCKt2Q3LlgJm3tt9TlM2I/XiJpVk2vzkZxSy2EhVujwkmEPXrEB03iF9nHaTLQx+K9JuFYAbFCreNooahvvKse0AuRkvFaUM62D6t1m5m9jUTOpywAYNRs80AdiMlrDYeLDculnNcuYiF7i4CeQH6W7gEIg+7zER1rlt22AFQnpFP52hEF00eDF+veu48o37CzOPbvu3ZorEloTmy6+OoXxfedi1pHZcAhgxL0BNdX5c6P4RLowZfhhcQ2bFNUpsV6/91aC2UkpGOGIjviO1jN71vrRrlFFFDVpWbXxByWqqLSlV19mOXju7+dHfOffiDAiKIW04POtBkQhbQyD7RWuFT0pwjJqn/4PbcmswoJc228y8iVb+FMk/jeE2mgqJbrtG7hQnJ9x+dw25Q+0ZiDkhaJ0ltpQLcGxIysqI/IDoD4E1w0AREPogTIuIJh5C1fMziSxE7xdmT+vY0yH0j4pJ4tcQEYY3imDLNjganpSOdygFmYYb2DgYri++db//I82rXj/x9jjRDhC0xzmd09HRHlkstqVXc5QxvNgUhe1lsAuvaQUDo2mALCaSPqup1lNCvGYM7001sgofM2XdFCy9SDxByDlsF/enGDCCRw90YOPEvGh1CpsIMgM//wWpGi6wYGjuO61+CbvlV3g67g+RfuzLiUYUFulcSLgYSmSAnqmODP8ZVNsETZKE++qPIidD4ULJ1BUwGClWkocv7QmElyaQN3elQEPOHw4K2d/9duCxihue12TsxnT/LjiOsxYkMCK3uJxi8e2OmHhrghvK70mQM1eAaexTVphXwnPwFGmZxDkC1wo/G/0u7fvAL9TRMGVOMSUWbf1DxbnOFI/c0eP/CmWItpLjSVMkgP8GUFmSV8zplNnJu0s3tfC4JwU+FXOtFZ3OshpGKbJUcE+eaehSgoWEIL2W9sDFb7FQ3M8J7WAOqzk504fJe0T+Moeft+c95315MXstLIftf2Hc9JjEC3SHdKWzuGSBJHj3yY/t5hux+XEJTnYvI0zGb+FtLmcVVbMEPpGDmQRyE1111IPD+TVrmQ/BfoyusZrtBHfYhSSUclKZWR9CxQ0QZNiiOjrASnvlIqEi0d8c4h6S8CerL5b/3KTAYX2n8DaKAbrv3V1oPQg15Jtl+GccazDBqTjHXWOLmZmmSaGkEOyvqezKYhnIsZGlnZXN0PTE5NzMyNCxzPTk2NzFhZjg4ODQ4ZTY1YjFhZjg2NjI4ODc1ODA2NzY5YTc2YzYzN2RhMzdmNjE4MjlkYWI2ZDY5YWI5ODhhOTM5ZTgyOWM5ZTdiYTA3NDcw\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/10.0\r\nx-dt-tracestate: d4751df5-dd6af23e@dt\r\ntraceresponse: 00-3c8e1a263c3c95eb31e0d33e2cf9a144-5712376fd7d26693-01\r\nSet-Cookie: NOPCOMMERCE.AUTH=; expires=Tue, 12-Oct-1999 05:00:00 GMT; path=/; HttpOnly; SameSite=Lax\nNop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; expires=Fri, 08-Jan-2027 18:47:00 GMT; path=/; HttpOnly\n___utmvc=a; Max-Age=0; path=/; expires=Fri, 12 Dec 2025 23:48:37 GMT\r\nX-OneAgent-JS-Injection: true\r\nX-ruxit-JS-Agent: true\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"1855477304\"\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 12-64928826-64928833 SNYN RT(1767898014018 6318) q(0 0 0 -1) r(100 100) U12\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"nopCommerce","description":"nopCommerce is an open-source ecommerce solution based on Microsoft's ASP​.NET Core framework and MS SQL Server 2012 (or higher) backend database.","website":"https://www.nopcommerce.com","common_platform_enumeration":"","icon":"nopCommerce.png","categories":["Ecommerce"]},{"name":"Dynatrace RUM","description":"Dynatrace RUM is a AI powered, full stack, automated real user monutoring platform built by Dynatrace.","website":"https://www.dynatrace.com/platform/real-user-monitoring","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["RUM"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"jQuery UI:1.10.3","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Dynatrace","description":"Dynatrace is a technology company that produces a software intelligence platform based on artificial intelligence to monitor and optimise application performance and development, IT infrastructure, and user experience for businesses and government agencies throughout the world.","website":"https://www.dynatrace.com","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["Analytics"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":168605,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22791), with CRLF line terminators","md5":"61a5745170e1b4911b370ca27680e65a","sha1":"ec782b5704cb91a1eac16cc57005ff20a4eeac13","sha256":"40915808b93491d69c3d460344640ce8a004995ca9586f2353480c70969200c8","sha512":"27c34ae0ce1b471ee7ac3d13c21ac0ece8694a676301790f8a035a21e3a93d08d83ed0d795d2ec5cf7bf4ad9b80a67eb5e5a9e140ee6b951ebb72d7fdb5ea77e","ssdeep":"768:hXtlAwbRp/Zra+Dooleg5m/pkNG1+tmK7uDZk+9/VSSsG/DP4gL6gz+qpqDLJIdb:hXtlAwdpx7fOyHzFO+FO","tlshash":"a4f3df7294d68633067b42a05ab05bd9fe83a383d6839a8136ec6bd76ff3d41dd27005","first_seen":"2026-01-08T18:47:47.264364Z","last_seen":"2026-01-08T18:47:47.264364Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10290,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9978,"receive":312,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/480.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/480.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 1286\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127294725 2VNN RT(1767898030426 40) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3511,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"13fbae6ea5c2b9514dca74f869d1244f","sha1":"38f1411efa777445214556fed9af9408dbe7700e","sha256":"ae77b3115648ff07b575098de69d0a169b84b164e50219ebf94f717ff114c0df","sha512":"7fa0a73d5c0b628d27fce416f41f10bec1d094d4761161713d06048884939512587ca900a12dfbd5de451669438a5a40d1dd6d906fbddbe168436ea9570d253b","ssdeep":"","tlshash":"db7143dc8ed236dde32be75dbbf17344ae4170612f4b25e924944218d2454ae22721ce","first_seen":"2026-01-08T18:47:47.265307Z","last_seen":"2026-04-13T00:21:38.916868Z","times_seen":8,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":29,"dns":5,"connect":26,"send":0,"wait":448,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/footable.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Core/Scripts/footable.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0ac4577593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 4752\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175398 2VNN RT(1767898030386 1507) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14089), with CRLF line terminators","md5":"d030798dad945a60b718ee375478bdc1","sha1":"a6f2cb0abc7f94fc751f6eb0f328da6fd2da4e3b","sha256":"18e6ab19dbb2ed04d1bb34af54750f393c6cde0d1e2788d4ed0bc6fc02c9c7c6","sha512":"1f14a3bada4119359faafb14077fa23091e3aceabcacbc48213473a76fb768943c100c2494149af6a3544576a73508ee553d1c08f356d2ee4293b10e1e88aaed","ssdeep":"384:yDtDEFlDz04NFZ4Mmte3kmF/FfFsff4deTp31ZTFCkmJpxWTCTCTTNsDOE3XO+V6:yDtDEFlDgaFZ4Mmte3ky/FfFsfSeTp3P","tlshash":"4262a809726835e740a1d1b1b66f904ea137783ec54704b0b26ac3b59f78dc6b53be2e","first_seen":"2024-08-20T12:14:47.740207Z","last_seen":"2026-04-13T00:21:38.891572Z","times_seen":9,"resource_available":true,"data":null}},"time_used":1500,"timings":{"blocked":1389,"dns":0,"connect":0,"send":0,"wait":105,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/1000.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/1000.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033d97a593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"1273566420\"\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 12-64928826-64919686 2NYN RT(1767898014018 16616) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":57001,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"6a86a79d1585bc2cb0dd8f96aec04e67","sha1":"356376aad1f999d550d15f6944cae8c47db5f393","sha256":"98834a7ee4846fd33c61b4d7284122533def6e846322c0e40f196aec562135da","sha512":"fc3e86129915e02a3b7aec204b056cb1bdcc82067a167036eeb186eebcab885d6a342fbfdcf8333fa793f7a0ef00563866141802e24993078a395bde737ebee6","ssdeep":"768:+bHNHVJxdRG/41ZPO+hi1Fe6C+OL+1dAV+6NxzdPgC7wA2Deu/0+vzornfezj7Q0:+Jwr","tlshash":"93430f1ac6932244683be334efb3429dfb275063d7428068bedd634a5f7805586a1fdd","first_seen":"2026-01-08T18:47:47.267012Z","last_seen":"2026-04-13T00:21:38.830098Z","times_seen":8,"resource_available":false,"data":null}},"time_used":803,"timings":{"blocked":185,"dns":0,"connect":0,"send":0,"wait":431,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/UtilsJs/utils-js.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/UtilsJs/utils-js.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 539\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127304155 2VNN RT(1767898030426 1617) q(0 0 0 -1) r(3 3) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1940,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"d55eb1bea2a0023a39b61198d398c2f2","sha1":"f9edd19d68a67b18c359e0c3253d84edcd6d4d82","sha256":"b0bdbc9aa0406f5d7cf97dbfa42d766e16899ed1ee60d707ed4484b9311a6ea7","sha512":"cade20c89c1b5894374c8e40626eac5add63b6e5b7b713d4d1b7b0e56788888d5156afd51b961c55096068f1e7b2012ad631603c35fe0d95bf552fa107ba41cc","ssdeep":"","tlshash":"d9414a5b719226f486bb777f1b63864af83000ab88046200bcdc1e607fb4d5993b9fe0","first_seen":"2026-01-08T18:47:47.242091Z","last_seen":"2026-04-13T00:21:38.866753Z","times_seen":8,"resource_available":true,"data":null}},"time_used":1803,"timings":{"blocked":1494,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/close.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/close.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033d97a593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-1843342314\"\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nContent-Length: 1025\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127303957 2NNN RT(1767898030417 2362) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1025,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"4c8a6a227c1450e782cc9dc6b88f8075","sha1":"e7af724f264331e4be73d0499cf8c3f599e2ad26","sha256":"fe241099777be85e0199f6b7559fcf8da2a9f9391cf96d6e9b81d4db6a3f4c25","sha512":"b235703efc2f11d355bde86842dbf90647c7e679a76178209c48c270fe69c9dec3eef9e02ebc070df3b16460b8d6efd793863a9676db3fdcf06e105bc6f72543","ssdeep":"","tlshash":"b5116505f4116c43a11dd88214fe46274e23ca81eae0f52afcdfc42759602f28bed5c7","first_seen":"2026-01-08T18:47:47.267973Z","last_seen":"2026-04-13T00:21:38.912777Z","times_seen":8,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":159,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/dropdown-arrow-white.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/dropdown-arrow-white.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/ClubPromerica.css?v=2\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 2857\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127318668 2VNN RT(1767898030426 2290) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":2857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 10 x 8, 8-bit/color RGBA, non-interlaced","md5":"d080201f9eb00246e1013547ee838798","sha1":"d5da2c7d21f27ee9f8405d3963806bad21b67535","sha256":"2b57da40d7b6fe1145442b70a09d1b78775edc03fe4f279657792f6f55f56861","sha512":"b47172a557b8f3debe0eabc31c04a559ac1df8f2efa0f7d6ad8379deb338f6c224a91e022aafb8a485b5d14a7f6bf8cfcb0e2c49327b654658bfd82ced743751","ssdeep":"","tlshash":"f5518eaf88b0a08e7cce79120ecd0201e728227c85573b3c90c156df1095d07bf250b5","first_seen":"2026-01-08T18:47:47.268861Z","last_seen":"2026-04-13T00:21:38.855264Z","times_seen":8,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/ClubPromerica.css?v=2","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/ClubPromerica.css?v=2 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 2134\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127318668 2VNN RT(1767898030417 1567) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":7949,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"e64cabc8f521a2403fc6183781199d50","sha1":"7ee8cfb1835f1dd1e76dc3aacaa1c9819572e8a0","sha256":"17cd3710256dfcad00f9191f8eaf75ee41517a88f90052b00b2e021e01404f87","sha512":"57e4d8253df7cae56c7178516bcb17fd5f7c1cb1379ab8d67ec9d25dc1238da3e24b33b5dd5a64ab40495eb845f264245a7df72cd251f6869740aa1add2a0a1a","ssdeep":"96:1JyA7Cu/hncmImSPnLjf1j1QJP0Cf/OpAbfYR0YtdYzuY8zYofwUgKbmtDb1VzBn:T7PctZPLB1QJZUgKbmFb1VU/wowgb7C","tlshash":"65f10c18cf122e06a233deb48b7157d4eb184063ab06426cbaad73a54fbd1684576fcc","first_seen":"2026-01-08T18:47:47.269707Z","last_seen":"2026-04-13T00:21:38.915558Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1589,"timings":{"blocked":1451,"dns":0,"connect":0,"send":0,"wait":135,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0009341_calzado-coban_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0009341_calzado-coban_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 534172\r\nContent-Type: image/png\r\nContent-MD5: NSa1fhmrfFMmf/x5REj6dA==\r\nLast-Modified: Mon, 05 Jan 2026 23:35:39 GMT\r\nETag: 0x8DE4CB322A02C2D\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 38969a69-501e-00a7-47cf-80bd18000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":534172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"3526b57e19ab7c53267ffc794448fa74","sha1":"4b980d0abfc62ae2c01c335c52453a945f003431","sha256":"72e16ee8dcd87a8d0a0fb0a6d315a5caa70a273233024fe12c34094511aba93d","sha512":"9c709b04597dc0458ab00d023d0ff96c66ad008478cfac34b2bcc54cf18faf2ac1d309af8f9cdf9fb6c6596feb6edf49845dfec42634e06e6fb86d31f0c818df","ssdeep":"12288:OUacZiZWun6k1FFnO5AP00YzwRvpzOqhruunEnDiyX/vmW:YcmPn5FFnOiYzk6qluuTyX/H","tlshash":"d4b42397d4917bf5a45a1efa0bd048ce9387e449b6e79004f2e830c9785e1fea04c5ee","first_seen":"2026-01-08T18:47:47.270592Z","last_seen":"2026-01-08T18:47:47.270592Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2459,"timings":{"blocked":1595,"dns":0,"connect":95,"send":0,"wait":152,"receive":481,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Content/Images/youtube.png?v=1","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Content/Images/youtube.png?v=1 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/ClubPromerica.css?v=2\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0cb4f71593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 1484\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127318849 2VNN RT(1767898030426 2160) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, non-interlaced","md5":"1f1b0a27fc7745f25134f97956a85fe0","sha1":"3cf406017a5e214c9e18e1ee215acf4ea400a664","sha256":"a209a6fdc572d4513f43d8e32e25fd2c217fd1db67c4ca7cfc2d056dd45a2a0b","sha512":"d7a867baec509be096b34d417f2f766fcb4017244c85bfc48218dec5f252af28718f264d4ce49aa1adf0c5e90dc3ed048d497c45c03263f8303060df94f24733","ssdeep":"","tlshash":"ae311bf3c06fe80dc5ffbbd2158959d25aea56081a032d372484740ecba14557a177d8","first_seen":"2026-01-08T18:47:47.271512Z","last_seen":"2026-04-13T00:21:38.828515Z","times_seen":7,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.core.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Administration/Scripts/kendo/2014.1.318/kendo.core.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"071ed6e593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 17179\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127303957 2VNN RT(1767898030417 1153) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":44330,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32104), with CRLF line terminators","md5":"a2b6d5f16e40205d05489b4fda3625fc","sha1":"526634c8a7867287608950ac73ee37b97105202d","sha256":"4496d92d313fa13f314d147fa42b9cddccf4a061289e6b4a17692b9291acee53","sha512":"d314bedc60137e27b4ecc3ac539f843abcbcf76f429db0270732ffb225a503bb2345eeb3ccc51dd180e435f2231e2a84ec0ad0566119ca229b117472f1a25b1f","ssdeep":"768:5H+p/wZtZ0/8+79JtHeYNLpImgwCQYy0j50:Nc/OZd+79zHNLee0i","tlshash":"f1131ad976c2b46383a71165407f110ab23a8a566c4d4420f668ece1bd74c6f927ffbc","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-06-04T16:53:24.588218Z","times_seen":100,"resource_available":true,"data":null}},"time_used":1216,"timings":{"blocked":1070,"dns":0,"connect":0,"send":0,"wait":125,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.InstantSearch/Scripts/InstantSearch.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.InstantSearch/Scripts/InstantSearch.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1005\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 12-64928826-64919686 2VNN RT(1767898014018 17666) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":2525,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2525), with no line terminators","md5":"83192482fc9c946450290cdcfebd5bb0","sha1":"72b0cb8adc9d7616381063834c9214e4fe97b03e","sha256":"18e14dc988b337b28449889c250a9fc92f7a8413e121a45c81c3faccab6ade73","sha512":"82b8773248016440b6494dd89cfb0aff0462163ef91ff9f21c78e23a43eedb3de75208a2caa0278a4d350192ebf794810c55a93f1e740902969e45f4cd91e83e","ssdeep":"","tlshash":"a651522f7a4410985d7f52b7488b7f0a73b27a718f110e69827dc8a07827eea151b707","first_seen":"2025-07-01T11:36:50.134783Z","last_seen":"2026-05-12T03:33:01.83604Z","times_seen":14,"resource_available":true,"data":null}},"time_used":1300,"timings":{"blocked":1178,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Scripts/AnywhereSliders.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.AnywhereSliders/Scripts/AnywhereSliders.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ac4577593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"2030198434\"\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 12-64928826-64919686 2NYN RT(1767898014018 17794) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":5794,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"4b45def183c4e0efb52b86e47c88cd5e","sha1":"027b093b365c94469307839d207112d420ef33bb","sha256":"76e73adf37b3bcb7b11c7c7ad2efb2d671cc43cab34164a5a8e96dffc95c468c","sha512":"a125cc65e5cc334bdb9e12dc3c58f553834eb929c89db72a7d82ad8c597db0558cdd4f5b483a1dc8a01701926a8aa2306a39f79ede2fe4306800c4597c08a2c0","ssdeep":"96:VKPO0+w+6ixMfrYcYWbFWbU8kJTFP5NEeV54H:MPO0+BufrVYWZWPQ53VU","tlshash":"adc1bb6eb6805461987713b15a3e8808e6ece4770041ca6abdff69849f758082e17fcf","first_seen":"2023-03-14T06:03:28Z","last_seen":"2026-05-12T03:33:01.872185Z","times_seen":24,"resource_available":true,"data":null}},"time_used":1434,"timings":{"blocked":1293,"dns":0,"connect":0,"send":0,"wait":140,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/css/payment-method.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/css/payment-method.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 1987\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127318544 2VNN RT(1767898030419 1606) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":9342,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f6fff1df4a3b55a0c89a547cc55d7d82","sha1":"701001d1949e3c544e73c5fcf1f557467cb5f0c7","sha256":"f42d787728ffc5867d6f64beaf6df115d4099284b03f15f5eec57b289dc97920","sha512":"1902f6db4fe1a3cf41f3313d091ec84bbca60ad1cf99d2e116a776b5fb42679d6cc5974e04592037a560bce9f473f4efb8e2189ae34827594a4d99e515438b73","ssdeep":"192:lqMUUMlLLMgg470TO61vh/FyRKhGD11Iu:mBgBy","tlshash":"2412e014ce521206b237e7786bb60206eb5950179b0389787fdd62808ff856c976efec","first_seen":"2026-01-08T18:47:47.275017Z","last_seen":"2026-04-13T00:21:38.825981Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1611,"timings":{"blocked":1482,"dns":0,"connect":0,"send":0,"wait":121,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Raleway:400,800,300","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Raleway:400,800,300 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 08 Jan 2026 18:47:10 GMT\r\ndate: Thu, 08 Jan 2026 18:47:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5181,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ac4d3047a0e69c2eaf90777f8fbe3428","sha1":"1c8ad7bb1c09dbe4ca9e8e6c181c50a67dd80c15","sha256":"50e855c15a0be259424ce7fea3ced32ae68948b0360570de886c1f3f18de36c5","sha512":"e5ae13e62b82c4c793743e6a852d0b0783bfb969c2f565d0c8506485d5f5b0dffcd44edadc773cb0d9194d4975c5ac3f96a3727b16eeacc81a0d59ee8eb36e72","ssdeep":"96:vOWifOWGFZOGOWHxOWXJc+uKOWGNaOLifOLGFZOGOLHxOLXJc+uKOLGNaOw6ifOZ:3iHT+H1Dl0iaTzH0DkYimTvHYDIp","tlshash":"ccb18ca10917d404eb876dca63ce3e36ee8e62057047953a9bfd58bcbca6d36139070d","first_seen":"2025-10-17T07:38:41.031709Z","last_seen":"2026-06-06T18:20:31.884593Z","times_seen":32,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0009444_10-de-descuento-en-anais_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0009444_10-de-descuento-en-anais_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 685148\r\nContent-Type: image/png\r\nContent-MD5: TdKBese6djig1o1ccONtVA==\r\nLast-Modified: Thu, 08 Jan 2026 05:43:33 GMT\r\nETag: 0x8DE4E78DCB88627\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 9ea79c0a-a01e-0047-42cf-803e81000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":685148,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"4dd2817ac7ba7638a0d68d5c70e36d54","sha1":"a4a3a3edbf6f6935236aed0c986f7c4c14e8c943","sha256":"b3fbe194b56f40a6c1ea252cfa3cdaf3009285e62a036c490034b9dcca2fed93","sha512":"eac31b7de2ad47fd73cad9af868c5cbf7bfa58a6f0562042e4f42fbc842eabfb0d05d3a5a43ff4b9434646ce17f1932a7935e4685cab29ef55eea875ca4fe5fd","ssdeep":"12288:T8NdfGqS3h5izodB86KTX6BJv5fQVixax97SiQ+mZwfHcF5AyTnA0TCVwR23hy:T8N8MobPpEi2uemoHIAyTA0TCG2hy","tlshash":"e7e4232da28700a1835924cedd39e606da7116157e8a71bb34cf762d0e6097ecf5f0ee","first_seen":"2026-01-08T18:47:47.276584Z","last_seen":"2026-01-08T18:47:47.276584Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2390,"timings":{"blocked":2147,"dns":0,"connect":0,"send":0,"wait":140,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0009265_cafetera-gratis-en-prensa-libre_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0009265_cafetera-gratis-en-prensa-libre_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 651433\r\nContent-Type: image/png\r\nContent-MD5: tD3020nGZE5q3aG/66Tqcg==\r\nLast-Modified: Sat, 03 Jan 2026 19:30:38 GMT\r\nETag: 0x8DE4AFE930723D4\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: 9ea79c91-a01e-0047-3fcf-803e81000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":651433,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"b43df4db49c6644e6adda1bfeba4ea72","sha1":"6fd87bf602c0ee68559c29888335e497e3e8f48a","sha256":"ec875e6b473409252a41d1f6e57dea4f3740232f63a379e009279790881457e5","sha512":"4b90c9c3e590dafec5cad1735b8ddeb6a25148de4a41ae82e9d008cc673a31bd62c15b689f8765d9bc79b09f6752cb1d60cd2d16a647bffa10cc8f4a0181ee1f","ssdeep":"12288:IMbhYMebITgj4K+Z5ovqHY/XkQypNI9DXPRJr:7bhYMemDb7Y/XkYtPR5","tlshash":"70d423b2a091a7d7c77f804d78b189dcc918957b73b16e72bb68488e4248f210c9dfc6","first_seen":"2026-01-08T18:47:47.277482Z","last_seen":"2026-01-08T18:47:47.277482Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2533,"timings":{"blocked":2383,"dns":0,"connect":0,"send":0,"wait":135,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js?features=Event,CustomEvent,addEventListener,removeEventListener","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /polyfill/v3/polyfill.min.js?features=Event,CustomEvent,addEventListener,removeEventListener HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 18:46:54 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable\r\nvary: User-Agent, Accept-Encoding\r\naccess-control-allow-methods: GET,HEAD,OPTIONS\r\ncf-polyfill-version: 3.111.0\r\nx-compress-hint: on\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=KlPv9XPW359FGNq1tk18UHf7PyAZExumnENF6yPKLCpQIuzcg94smkgGT9rN%2BcYN1M1X%2Fa8ACS2F8vBNEIe3%2B8bOk8%2FnkglPGJRTvfFqytVSlhUTsk0YI3WM5Yt4mUZY%2FQSrQnsC\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 9baddc3fdb24b518-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":104,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text","md5":"435a451090061be4c0254761f2f94e1f","sha1":"1a873f8c9a0dfb421e3213dfbbfa8aafa9960d4c","sha256":"6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2","sha512":"0506dbdede1f984b75421ec86cdd451752ec85b44f5a6f880bc0f06bf8884f1f934f4eafad41ed89015d2118a73bd4dcb20ad4b0d2118e16f311aa25737cf1ab","ssdeep":"","tlshash":"43b012a448824f95eae305c0485602851baf5fc95405d318ce72a41cc862845b2ccc6c","first_seen":"2023-12-16T06:03:22Z","last_seen":"2026-06-11T02:31:30.597261Z","times_seen":23669,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":17,"dns":0,"connect":3,"send":0,"wait":214,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/ruxitagentjs_ICANVfgqru_10327251022105625.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/ruxitagentjs_ICANVfgqru_10327251022105625.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"fc600b43\"\r\nLast-Modified: Wed, 03 Mar 2010 07:01:40 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 74791\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:09 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88454747 2CNN RT(1767898014715 15674) q(0 0 0 -1) r(0 0) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":189881,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1629)","md5":"03fa71a1cf8ec7040d1fa1c672f93a9d","sha1":"d01306070c6d04a331b671074e0a7228457fd249","sha256":"0c796a7884170d8fa0e5100de60dc2272ad05a9a0b436f15d9766bb27c8243ae","sha512":"00856b036edc1d0619f5660c1f7c95d294449b9c97a6386620cadc0bb1ca1a698c6d224f6b0ccc471984e22031cd9087979b06e5fd18115833a6398882d16694","ssdeep":"3072:japP/GJe7FoVdzvkN33PXzO4qKwaINhayzByuVtjg:8P/GJJdzsN33PzO4kNbzByEjg","tlshash":"d6043a99b71270668b9711b950bf020bf3b86d94984c8498d195f8e83d74efe42f7f28","first_seen":"2026-01-08T18:47:47.225462Z","last_seen":"2026-05-11T13:54:57.820089Z","times_seen":12,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery.validate.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/jquery.validate.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 6790\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319190-127299931 2VNN RT(1767898030426 921) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":21877,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (20964), with CRLF line terminators","md5":"4ae48ca4487c449ca44008a526d8e1b5","sha1":"62a44936064dd698ef8df566a2a719058af3df54","sha256":"50cd8ccee296642df49a416de8da7c181371565eee04178a9fedb725b15bc5da","sha512":"b22e1b37e95af931c31db2e8a4a7bb18ecaf25140c5d09e6913ca4c9c7120010172a5acc0b9e1ce16ed030b3b171d8ab343f6ce21c6cae128dcfa6a02a714a9b","ssdeep":"384:lLY2OXyp7Lm+dmr9qhk0XuExz9Bcd1Jny+0xC7WpdOC8PGDm9KLNKI9ci9sk:lBfXdmr990ekpqJny+UO798NBc8Z","tlshash":"a6a2c94d7182b0465b9620f5a45b960bb2f259b8600ce03cb5f8d4d2bdf8fc951a7fb8","first_seen":"2023-04-06T21:54:39Z","last_seen":"2026-06-09T19:56:01.873238Z","times_seen":229,"resource_available":true,"data":null}},"time_used":989,"timings":{"blocked":870,"dns":0,"connect":0,"send":0,"wait":118,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery.validate.unobtrusive.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/jquery.validate.unobtrusive.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2298\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319189-127303957 2VNN RT(1767898030419 995) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":5700,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4762), with CRLF line terminators","md5":"dd9e6ecb410314024555b6a8f7846860","sha1":"a229f33cf76c95995bf6f70c2d5f9c55896e7edc","sha256":"c43c532923fb3bc58b4f17d98f842122978ec76cc38d428149036e045f5ff0a1","sha512":"c62f16facd624c52a591c38e56ca3311f69a4a0d68e79f15122744ebf754391c1fab6f72bd8a96e34b0a4dd6a9bf834d962b591756940f113600aaeb95a9e592","ssdeep":"96:2EUCPCoDPWKj+inSDs41tHD2zVeTccE/tB0bTCPociwrD05VXmm8zQ5CtKctR/4u:x/j+inb4u0TccE/tybTKTiwr4om8zQ5e","tlshash":"e1c17448350662a2aeb730f7518f9007f17618aab0894822f549d1e16ebffe55263f1f","first_seen":"2023-03-07T12:11:42Z","last_seen":"2026-06-09T19:56:01.873763Z","times_seen":165,"resource_available":true,"data":null}},"time_used":1052,"timings":{"blocked":930,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Core/Scripts/swipeEvents.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Core/Scripts/swipeEvents.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 23 Nov 2024 03:40:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0ac4577593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-688468463\"\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 14-127319189-127303957 2NYN RT(1767898030419 1355) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1308,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1305), with no line terminators","md5":"1a6043dd92bd664c2146ded8831f737d","sha1":"9d841c50cde3d73f5ca6a0b78bdc6f0f7639d9b3","sha256":"2783f88a6dc2c601a55898d98b76d6b9a865ef2a598b5ee8dee39134dc23faae","sha512":"0a48f4bb6bfd5bc77fafc5f5ea4ba77000c14e41dabff6f9b7cacfac0550f2b30e9dae3ff0a8d82cebd05df42a052af800a73cfd603720fe5b7ba0a356eb3c4e","ssdeep":"","tlshash":"4d219c24936451f4976fa1b1da57cd54703824aea243c9f4491dc8ea4c3843c89f9eac","first_seen":"2023-03-07T12:57:41Z","last_seen":"2026-06-04T16:53:24.677089Z","times_seen":63,"resource_available":true,"data":null}},"time_used":1390,"timings":{"blocked":1264,"dns":0,"connect":0,"send":0,"wait":125,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/1320.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/CSS/1320.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033d97a593ddb1:0\"\r\nServer: Microsoft-IIS/10.0\r\nServer-Timing: dtSInfo;desc=\"0\", dtRpid;desc=\"-797631448\"\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked\r\nX-Iinfo: 13-88454096-88452070 2NYN RT(1767898014715 16152) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4245,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"7f5e3c019a3bba314fa25a4db15f02e7","sha1":"96c87cb8873dc96bec0402119ad30b66cece8365","sha256":"ebd0adb3f903a473ad642199e3ccb668bd702146533fe1117542850a30aadec1","sha512":"93ee5db7ea77c067cc036515098fb148a007771575242ee35b3f1380f5ef612d1e4769cf24db129332d47f178f71868b62c9a68e7fb42cbf89b11e1e5d123cfd","ssdeep":"96:FRxLHk4kgv8y4ufg7Vxih9WXphhhNXvgqRuTwyG44BvkjgLR8TAnXV0zZuCasmrS:z068y3RmmbWlV0wn92","tlshash":"ec91f08ccbd1316d6b1baa68e3b5225dbe4ab0a17f4b24fc7994434ca34d4dd21306dd","first_seen":"2026-01-08T18:47:47.28144Z","last_seen":"2026-04-13T00:21:38.923622Z","times_seen":8,"resource_available":false,"data":null}},"time_used":873,"timings":{"blocked":424,"dns":0,"connect":0,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Administration/Scripts/kendo/2014.1.318/kendo.data.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Administration/Scripts/kendo/2014.1.318/kendo.data.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"071ed6e593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:26 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 14051\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88454747 2VNN RT(1767898014715 16881) q(0 0 0 -1) r(3 3) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43306,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32007), with CRLF line terminators","md5":"e816ffd11066f526c2c9ca2b5333d029","sha1":"38975b0fe3e8f8ce7001e212bec2421dc3fa2f71","sha256":"b31dca148abea883da0f31f4a98d668e5b5e7dd104b05c752b85e5cfc3a988d8","sha512":"9ef3c72aed21a9e3bb23730d57a5d790df5a602feafc1d815347303285a93793219f05ccdc560e41f7cdfa7ad4b3935d9b7fc59c0f84d19745d3f1c4fb5f9818","ssdeep":"768:5PJ03iW34oGU4560wUVWUEMsdivLvZig/y7L3SnBw/QfEzm9i+lW/:wSW33GU4E1QWTxMC+0/","tlshash":"d613b6c833d1b00247ab34a1a57f690eb33ba849840e4514f329d5dbbd39a4da27bd7d","first_seen":"2023-03-09T01:01:24Z","last_seen":"2026-05-15T04:10:43.912637Z","times_seen":67,"resource_available":true,"data":null}},"time_used":1418,"timings":{"blocked":1096,"dns":0,"connect":0,"send":0,"wait":317,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prowebimages.blob.core.windows.net/guatemala/0009222_15-de-reintegro-en-calzado-roy-hush-puppies-par2-adoc-sportline-y-sportline-kids_635.png","fqdn":"prowebimages.blob.core.windows.net","domain":"prowebimages.blob.core.windows.net","tld":"blob.core.windows.net"},"ip":{"addr":"20.209.162.193","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sun, 28 Sep 2025 16:48:26 GMT","end":"Fri, 27 Mar 2026 16:48:26 GMT"},"fingerprint":{"sha1":"F5:13:AA:13:09:76:83:78:38:09:52:3B:F7:12:7B:8C:50:CD:27:DD","sha256":"B5:3C:74:0B:F7:38:74:A1:60:92:C0:A8:D4:0B:E3:25:3F:8A:81:47:44:77:85:9D:4A:BD:C0:C7:F9:76:EA:9C"}}},"request":{"raw":"GET /guatemala/0009222_15-de-reintegro-en-calzado-roy-hush-puppies-par2-adoc-sportline-y-sportline-kids_635.png HTTP/1.1\r\nHost: prowebimages.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 634459\r\nContent-Type: image/png\r\nContent-MD5: HtddzOK2ysBYIAy7o2LuDw==\r\nLast-Modified: Thu, 01 Jan 2026 00:00:37 GMT\r\nETag: 0x8DE48C8CB8B6A83\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: c6385044-a01e-00b3-1ccf-80f577000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":634459,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 635, 8-bit/color RGBA, non-interlaced","md5":"1ed75dcce2b6cac058200cbba362ee0f","sha1":"47e048cbc76b53d347b63679862d881b714f4b56","sha256":"13ce3c213351a675b5641fe36ad682af5c85bd2da744c3978ff145dd35c297dc","sha512":"6611b1a2e856491e461d94aba7765a8ab225dd895845646728e3a665f7b05eeb975688e2943cf2a50ae2945d367a610fa60e15b3998ecba5e61fa0c899db5db2","ssdeep":"12288:JEKh0WZaURAGDDOHPQbah4MOAR6KLhhankdg7RNEJKZ9NbeC9FJ+:J30JUKGDDiNmMO86Shh8kdisKZj69","tlshash":"e9d43374f012f1518815903ec535a52be9ec95712d0faa089c888ef644e3dfb672fb7a","first_seen":"2026-01-08T18:47:47.283374Z","last_seen":"2026-01-08T18:47:47.283374Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2579,"timings":{"blocked":2428,"dns":0,"connect":0,"send":0,"wait":135,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/img/GrupoPromericaLogo.png","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/img/GrupoPromericaLogo.png HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 8149\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175736 2VNN RT(1767898030386 1795) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":8149,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 143, 8-bit/color RGBA, non-interlaced","md5":"ab2dbdb407626c3b6fc8ee5efbcd0b79","sha1":"6cf492887ad831bfbf97e752b4a16a59bd6a9edd","sha256":"d16d241789c3b9781f2df6fd96c1e18144ae816ed9aa1257d0696ec3846de75b","sha512":"82d6bf8948c57585b204f3bfbdc74c8b5dc2cdd368395d662dfaaf0fe8923393ce687740750b449d114686851404c8c2f62719e441fd2be77876c3daac955e8e","ssdeep":"192:0Syhdp8BIbcRkwgRw3dlOjf40t7lH3eI4u/JEJqisFG/Eb0xD/yB:zyhn+Girgi3dlOjf40Z1xxEocm","tlshash":"79f1af47cf20cbc7da3e2bf9faa3428e2df7815904a290430a79bc9f7d821905c39611","first_seen":"2026-01-08T18:47:47.284412Z","last_seen":"2026-04-13T00:21:38.868623Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1567,"timings":{"blocked":1445,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dr=www.clubpromerica.com\u0026dl=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026scrsrc=www.googletagmanager.com\u0026rnd=1815395328.1767898032\u0026dt=Club%20Promerica\u0026auid=76622958.1767898032\u0026navt=n\u0026npa=1\u0026gtm=45He6170v9178607596za200zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115938465~115938468~116682877~116744867~116910502\u0026tft=1767898032326\u0026tfd=12016\u0026apve=1\u0026apvf=f","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:20 GMT","end":"Wed, 25 Feb 2026 15:57:19 GMT"},"fingerprint":{"sha1":"13:5B:80:5A:23:15:61:AE:98:37:1B:0A:3C:F6:E2:BD:63:8E:3B:D6","sha256":"22:03:24:94:F7:E3:5F:66:1B:39:CE:18:75:20:3D:01:AC:FE:93:AA:1A:73:8C:D5:34:98:AB:2B:E5:19:37:12"}}},"request":{"raw":"POST /ccm/collect?frm=0\u0026en=page_view\u0026dr=www.clubpromerica.com\u0026dl=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026scrsrc=www.googletagmanager.com\u0026rnd=1815395328.1767898032\u0026dt=Club%20Promerica\u0026auid=76622958.1767898032\u0026navt=n\u0026npa=1\u0026gtm=45He6170v9178607596za200zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115938465~115938468~116682877~116744867~116910502\u0026tft=1767898032326\u0026tfd=12016\u0026apve=1\u0026apvf=f HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.clubpromerica.com/\r\nOrigin: https://www.clubpromerica.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 08 Jan 2026 18:47:12 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://www.clubpromerica.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":116,"dns":1,"connect":21,"send":0,"wait":33,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Content/Images/instagram.png?v=1","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Content/Images/instagram.png?v=1 HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala/Themes/Element/Content/CSS/ClubPromerica.css?v=2\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174; _gcl_au=1.1.76622958.1767898032\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0cb4f71593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 1876\r\nDate: Thu, 08 Jan 2026 18:47:12 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 14-127319187-127294725 2VNN RT(1767898030417 2118) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":1876,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 142, 8-bit/color RGBA, non-interlaced","md5":"57981759624ba0c93162eeb9f05d3972","sha1":"dc2cc90f66c1c0d3a87f257a2cde5e9b2bb6c5a2","sha256":"7e5895c745558fe9707c6a46c06f6f6c1460e6487a48ff88fadbf341d096b39e","sha512":"b5d7072d9e717f310e548622e82880d8892963a43fb9e8b8cccbad57830c3c5624922b722d7b8d635ca6089aedbe47cd6cb223302b76041eb8ecda4c1c8dbc87","ssdeep":"","tlshash":"11311963f32c38b9dfb399080575a5b3847421f04facae9c943225dc69a3ccc1985b26","first_seen":"2026-01-08T18:47:47.285888Z","last_seen":"2026-04-13T00:21:38.947846Z","times_seen":8,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Themes/Element/Content/css/jquery-confirm.min.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Themes/Element/Content/css/jquery-confirm.min.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"033d97a593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:46 GMT\r\nContent-Type: text/css\r\nContent-Length: 4041\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88454747 2VNN RT(1767898014715 17324) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":32970,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f7cfa809d45cdfcab52e21314d57548a","sha1":"5d6808ad0eb3ea5752293801b6d9f1da33da8ed8","sha256":"af32a0ca234a0920f7831fe1a030bf7f6d80cb8b96bd28c186ff95d1523cf968","sha512":"40ec04665a7b64a46ef8128de16876b99a708590e7913e08d8e7cd037d0acce8c9abd3bc055ef3051658701d9d6e8a4ce41819d7493ccc5951ddc24107ba0de1","ssdeep":"384:8VnoNfrysJt7ovxXu8h9naSDFaFwe/AMd:+xXu8hwxAMd","tlshash":"7ee2533f890d0c4761334f2847a6ba1deb2773e3894297afbe9e14448fbdd184d85a19","first_seen":"2026-01-08T18:47:47.286771Z","last_seen":"2026-04-13T00:21:38.877483Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1618,"timings":{"blocked":1493,"dns":0,"connect":0,"send":0,"wait":123,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dr=www.clubpromerica.com\u0026dl=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026scrsrc=www.googletagmanager.com\u0026rnd=1815395328.1767898032\u0026dt=Club%20Promerica\u0026auid=76622958.1767898032\u0026navt=n\u0026npa=1\u0026gtm=45He6170v9178607596za200zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115938465~115938468~116682877~116744867~116910502\u0026tft=1767898032326\u0026tfd=12016\u0026apve=1\u0026apvf=f\u0026img=1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:12.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /ccm/collect?frm=0\u0026en=page_view\u0026dr=www.clubpromerica.com\u0026dl=https%3A%2F%2Fwww.clubpromerica.com%2Fguatemala\u0026scrsrc=www.googletagmanager.com\u0026rnd=1815395328.1767898032\u0026dt=Club%20Promerica\u0026auid=76622958.1767898032\u0026navt=n\u0026npa=1\u0026gtm=45He6170v9178607596za200zd9178607596xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115938465~115938468~116682877~116744867~116910502\u0026tft=1767898032326\u0026tfd=12016\u0026apve=1\u0026apvf=f\u0026img=1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ndate: Thu, 08 Jan 2026 18:47:12 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunitosans/v19/pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzHGAVFIF2w.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/nunitosans/v19/pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzHGAVFIF2w.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.clubpromerica.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 49580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 08 Jan 2026 16:33:18 GMT\r\nexpires: Fri, 08 Jan 2027 16:33:18 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 13:31:20 GMT\r\ncontent-type: font/woff2\r\nage: 8017\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 49580, version 1.0","md5":"700f45bd8200afec6e792096b626f88c","sha1":"d5deafd7f3bf1d1e81c457ed33e4bfcae9491332","sha256":"b8649c5603466af5eac426de0f7949e40cc3d7fab35f0d7db0a756a61028231d","sha512":"4e04907d7700e7b1d5e4c7e755a99fd27970322cef9235de1e038f9ed8e46eb17b368566aba13752c70008877d11db282454024c1405646d6d713244f045e8b6","ssdeep":"1536:yVdrD5lVFgypda4uI+pU3LNCb/h+39uwdT:Wrl5TpgxZa3JCb/Qow5","tlshash":"7b230290baa4b4e45b7abf3776e350b4740cc2f9b89901ac54aca39bbd71034e191c02","first_seen":"2025-09-17T07:38:58.307435Z","last_seen":"2026-06-10T17:34:13.691044Z","times_seen":2069,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":69,"dns":1,"connect":7,"send":0,"wait":9,"receive":10,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Styles/Ribbons.common.css","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Plugins/SevenSpikes.Nop.Plugins.ProductRibbons/Styles/Ribbons.common.css HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"0d97678593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 628\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:11 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 8-14178468-14175705 2VNN RT(1767898030386 746) q(0 0 0 -1) r(4 4) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1942,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"14121e8d8faec2fe192598e33421798e","sha1":"98248edfb600a29f724c120321650757f6aa9ff1","sha256":"cffdf3061226a8f0b40f4ba0040e2b32dba3f2f295e6be708aed12cb34840d9f","sha512":"bd0bccbb576fc50426f88e2ecf95fa1fdc57bd6d2ed94f6d8e25f66b442aaa501dd9a7ab5eccc7aeda47dcffd86c873f088ec42283d8f49b2a7810fbf8e9c453","ssdeep":"","tlshash":"604179948aa192059617bb5eb2fd2700ef3480e0af9b601df14ae65f27d74d41233e97","first_seen":"2025-06-05T22:38:59.573524Z","last_seen":"2026-04-13T00:21:38.842568Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1101,"timings":{"blocked":682,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.clubpromerica.com/guatemala/Scripts/jquery-1.10.2.min.js","fqdn":"www.clubpromerica.com","domain":"clubpromerica.com","tld":"com"},"ip":{"addr":"45.60.78.39","port":443,"asn":19551,"as":"INCAPSULA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.clubpromerica.com/guatemala","date":"2026-01-08T18:47:10.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.clubpromerica.com","organization":"Promerica Financial Corporation"},"issuer":{"commonName":"GlobalSign GCC R3 EV TLS CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 04 Dec 2025 20:21:08 GMT","end":"Tue, 05 Jan 2027 20:21:07 GMT"},"fingerprint":{"sha1":"C4:92:FC:50:47:4F:5C:63:CB:72:F6:A3:94:6E:12:41:1A:E8:CD:FD","sha256":"92:7F:6F:4B:89:96:88:85:DA:F2:85:EF:39:B2:2D:E2:0B:CD:06:E4:97:7D:BE:06:64:BB:17:82:14:C3:4C:37"}}},"request":{"raw":"GET /guatemala/Scripts/jquery-1.10.2.min.js HTTP/1.1\r\nHost: www.clubpromerica.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/guatemala\r\nCookie: dtCookie=v_4_srv_3_sn_D4F1F903FD2EFE12FF461975B6882B03_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; visid_incap_2440767=yaBGW8N7S8+h073RJJtdc537X2kAAAAAQUIPAAAAAAC8AuOKS9tFiDSJyyz61fw+; nlbi_2440767=JspPbekTgVv/AGIXyUPlqQAAAACkEs2sSG0LZYgSsqn1Fdp1; incap_ses_7234_2440767=H1nfYxkiB3L4BmNTJVVkZJ37X2kAAAAAb5QlTRIl1T5L2Ags7MDU1A==; Nop.customer=e3c1ceb2-3948-4ed5-b4cd-36573808a174\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nEtag: \"06a879593ddb1:0\"\r\nLast-Modified: Sat, 23 Nov 2024 03:40:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32812\r\nContent-Encoding: gzip\r\nDate: Thu, 08 Jan 2026 18:47:10 GMT\r\nStrict-Transport-Security: max-age=31536000\r\nX-CDN: Imperva\r\nCache-Control: max-age=0\r\nX-Iinfo: 13-88454096-88452070 2VNN RT(1767898014715 16601) q(0 0 0 -1) r(1 1) U18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Imperva","description":"Imperva is a cyber security software and services company for networking, data, and application security.","website":"https://www.imperva.com/","common_platform_enumeration":"","icon":"Imperva.svg","categories":["Security","CDN"]}],"data":{"size":93113,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32072), with CRLF line terminators","md5":"11468602df014a21b203dc9bcd84d369","sha1":"2cf8733fe01e2d149140cb840595fa5d21769f93","sha256":"29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17","sha512":"e5e527b6a1808e474b7d64d3ce360db14b1a4871a5aee01185cbafab06ed6f40e50b4281acec12dc2fe8663296d4ce5032e40769aeb9f32d7a6c9aa4d2525e11","ssdeep":"1536:O4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:OGsKXAI2p0WP9bDrstfa5","tlshash":"be93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:20:48Z","last_seen":"2026-06-09T19:56:01.864192Z","times_seen":9560,"resource_available":true,"data":null}},"time_used":973,"timings":{"blocked":841,"dns":0,"connect":0,"send":0,"wait":122,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.clubpromerica.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Nunito+Sans:opsz,wght@6..12,200;6..12,300;6..12,400;6..12,700;6..12,800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.clubpromerica.com/","date":"2026-01-08T18:46:54.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css2?family=Nunito+Sans:opsz,wght@6..12,200;6..12,300;6..12,400;6..12,700;6..12,800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.clubpromerica.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 08 Jan 2026 18:46:54 GMT\r\ndate: Thu, 08 Jan 2026 18:46:54 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11110,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8c432371f9f6f2b169b2d9fd990f4fe2","sha1":"5094cf15be9a2ca2b8c2dc051df9355f385fa490","sha256":"931cb490157b40df311855f675b469ce2a47032ce1ca1a0ba06dd78c0778a3f5","sha512":"990c9dd1e083011c20e5122ccb8a99e419ab8800583fe8b311b0904d0154338effaa33178fdfe271633207f532c5359eebaf679e125fac402d4fdc741bed5127","ssdeep":"192:9v1NvCkvQvIrvOv1mvCTvPvI8vrv1DvC2vKvI1v6v1SvCnv7vIAv3v1fvCqvWvI1:3wNntmvz9yu","tlshash":"6432c081053b9044d647acc1238fbf39eeaeb0123051d07daffd9899dc5ad6da265b0d","first_seen":"2026-01-08T18:47:47.288833Z","last_seen":"2026-01-23T20:15:24.197646Z","times_seen":3,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":97,"dns":1,"connect":9,"send":0,"wait":22,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}