r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7643
Expires: Tue, 06 Dec 2022 23:51:44 GMT
Date: Tue, 06 Dec 2022 21:44:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 157
Cache-Control: max-age=132574
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:44:21 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 10:33:55 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 21:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1435
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12892
Expires: Wed, 07 Dec 2022 01:19:13 GMT
Date: Tue, 06 Dec 2022 21:44:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h24dbGCp0a0fT5I0bonOMiH8CjoB7iYMWDLucAhSON82ioqvZwg42UazGlO3eoeMu2RASuLHddc=
x-amz-request-id: XZ236HV0K2Q5JCGP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 20:49:06 GMT
age: 3315
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
boccalupo.com.mx/ue/index.php?QBOT.zip
192.185.131.153 301 Moved Permanently 0 B URL HTTP/1.1 boccalupo.com.mx/ue/index.php?QBOT.zip
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ue/index.php?QBOT.zip HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 21:44:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://boccalupo.com.mx/ue/?QBOT.zip
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:44:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 2124
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 136
Cache-Control: max-age=127484
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:44:22 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:09:06 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Open+Sans:400:|Oswald:700:,700,200|Roboto:500:,400normal,400|Peralta:400:&subsets=latin&display=swap
142.250.74.74 200 OK 969 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:400:|Oswald:700:,700,200|Roboto:500:,400normal,400|Peralta:400:&subsets=latin&display=swap
IP 142.250.74.74:0
Hash b3a0924b8fa1d74a29ff8b3d802b1699
67db4a32a07fbf8e8b088cc73243e3ad77569044
95b244f9e2eb7b4d6c31dda633176e54d9fb8d7699e3b37f20ada1528fa9ccdc
GET /css?family=Open+Sans:400:|Oswald:700:,700,200|Roboto:500:,400normal,400|Peralta:400:&subsets=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://boccalupo.com.mx
Connection: keep-alive
Referer: http://boccalupo.com.mx/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 06 Dec 2022 21:44:22 GMT
Date: Tue, 06 Dec 2022 21:44:22 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans%3A400%3A%7COswald%3A700%3A%2C700%2C200%7CRoboto%3A500%3A%2C400normal%2C400%7CPeralta%3A400%3A&ver=6.1.1
142.250.74.74 200 OK 951 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A400%3A%7COswald%3A700%3A%2C700%2C200%7CRoboto%3A500%3A%2C400normal%2C400%7CPeralta%3A400%3A&ver=6.1.1
IP 142.250.74.74:0
Hash 7f22e881cf2e7e0fdaeee7ed37bb2d91
a97e96648cd8ca17773af990e48a30c27cd43ad5
51c323e098d3c1f8b31e5c175106c30351ab01f5cc50cd9e9bb0f04cb5a5f21a
GET /css?family=Open+Sans%3A400%3A%7COswald%3A700%3A%2C700%2C200%7CRoboto%3A500%3A%2C400normal%2C400%7CPeralta%3A400%3A&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 06 Dec 2022 21:44:22 GMT
Date: Tue, 06 Dec 2022 21:44:22 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
boccalupo.com.mx/ue/?QBOT.zip
192.185.131.153 404 Not Found 47 kB URL HTTP/1.1 boccalupo.com.mx/ue/?QBOT.zip
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40377), with CRLF, LF line terminators
Hash 24461118d6e5acc93614c3b4b775892f
36c5693cb7487ed42ec2a7f1c6b61a794f472c18
bdbb2bf25b439faa4e8fd69076603488c7e54084c2f8b6734a579d4ede638b2e
Analyzer Verdict Alert quad9 Sinkholed
GET /ue/?QBOT.zip HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 21:44:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://boccalupo.com.mx/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
boccalupo.com.mx/wp-includes/css/classic-themes.min.css?ver=1
192.185.131.153 200 OK 189 B URL HTTP/1.1 boccalupo.com.mx/wp-includes/css/classic-themes.min.css?ver=1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 25 Oct 2022 18:45:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=75
Content-Type: text/css
boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.core.fonts.min.css?ver=6.1.1
192.185.131.153 200 OK 9.7 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.core.fonts.min.css?ver=6.1.1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30447), with CRLF line terminators
Hash a31d3bf6e73dd953b941755858baf8da
afc08f289b57550806f9817484573f16c852f87b
4ff8cdc5bc33803760a6c2799e933cac6dea59807b7cac1f035bf7ef66bd2c7d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/brooklyn/css/ut.core.fonts.min.css?ver=6.1.1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:22 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:16:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9731
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SiPykloqmbWA8FrjmoqiTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UgHb+yF6WprzFD7xu+mTUzK5E+4=
boccalupo.com.mx/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
192.185.131.153 409 Conflict 83 B URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 409 Conflict
Date: Tue, 06 Dec 2022 21:44:22 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.shortcode.min.css?ver=6.1.1
192.185.131.153 200 OK 9.5 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.shortcode.min.css?ver=6.1.1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (38181), with no line terminators
Hash bb2f4ad07211ef03d0c50dfd7030117e
870e9990dc4440e96899f5ad006db27702d83b49
d81b543ad9256a70a1a2ef50c9fa0d812adb89e0c35ae003a8509c0de0f67c28
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/brooklyn/css/ut.shortcode.min.css?ver=6.1.1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:22 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:16:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9519
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
boccalupo.com.mx/wp-content/plugins/aurora-heatmap/style.css?ver=1.5.6
192.185.131.153 200 OK 2.7 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/aurora-heatmap/style.css?ver=1.5.6
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e0b9bac5258be021ae554915bddcc6b6
26c070ae655e42b8a8004f4e474986378d263dfc
9a0eb9df48c868d49ab85cc2072ff79630ed04c4785080926aa1252a00628a19
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/aurora-heatmap/style.css?ver=1.5.6 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 00:41:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2730
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
boccalupo.com.mx/wp-content/themes/brooklyn/style.css?ver=6.1.1
192.185.131.153 200 OK 67 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn/style.css?ver=6.1.1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (394), with CRLF line terminators
Hash 625dbd7ac5d3bfbc39e050a7b65e9849
fa3f7c317ecc9f7ae620153e2eead476b937e0b4
45bfac82833c36764f97b4fc1aa825839b91597688c5389d4b59d63050221dca
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/brooklyn/style.css?ver=6.1.1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 10 Aug 2022 18:16:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
boccalupo.com.mx/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.5.3
192.185.131.153 200 OK 62 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.5.3
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 92e8ec7d79ffb360abc23e3859567527
8e260181161b644c3bd28cab1fbe74e2dfa77a36
e1169e5f72f94ec0dcaa41af60cbef78449b17e94cd85062222b9996054cfb37
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.5.3 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:22 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:18:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.theme.min.css?ver=4.9.7.4
192.185.131.153 200 OK 5.0 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.theme.min.css?ver=4.9.7.4
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28604), with no line terminators
Hash fb4599565fd2c5192def23d06e4e9e37
4ff8459fc50abf48ff7f0933fcbd69f387692f5c
5b850aecddfcdd7cccfc00fca148868934c9967cce729b42b0e74e952762f36e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/brooklyn/css/ut.theme.min.css?ver=4.9.7.4 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 10 Aug 2022 18:16:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5040
Keep-Alive: timeout=5, max=75
Content-Type: text/css
boccalupo.com.mx/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.131.153 200 OK 39 kB URL HTTP/1.1 boccalupo.com.mx/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Mon, 19 Sep 2022 19:16:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.vc.shortcodes.min.css?ver=6.1.1
192.185.131.153 200 OK 42 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn/css/ut.vc.shortcodes.min.css?ver=6.1.1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash d56130459f6e5924a7ee9701246a8b88
c98ef308355ffc3d10542ab3e11803ec0821ce14
9a009617696fbfd7c76c1398fd0eddac171c71e5aca880237125519e5af122e4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/brooklyn/css/ut.vc.shortcodes.min.css?ver=6.1.1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 10 Aug 2022 18:16:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
boccalupo.com.mx/wp-content/plugins/ut-shortcodes/js/plugins/modernizr/modernizr.min.js?ver=2.6.2
192.185.131.153 200 OK 14 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/ut-shortcodes/js/plugins/modernizr/modernizr.min.js?ver=2.6.2
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (3665)
Hash 310d1a87626390fb9c0d511d788c3ab9
61f8712e259ebe6aebf6a26e65679a6421b55032
62e444debb4a566e20a7c7444e905a9ceba13a3359450de6547cea4c7e708bac
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ut-shortcodes/js/plugins/modernizr/modernizr.min.js?ver=2.6.2 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:18:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14261
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
boccalupo.com.mx/wp-content/plugins/aurora-heatmap/js/mobile-detect.min.js?ver=1.4.5
192.185.131.153 200 OK 17 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/aurora-heatmap/js/mobile-detect.min.js?ver=1.4.5
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32257)
Hash a70d195a80ab59077534af6b7add3940
2e59c99dddc71501f30ef2866217f408eea46316
c298398fc20ddd56e34632b4e5632c182eabe02da06b97ef61961385d1c7de7e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/aurora-heatmap/js/mobile-detect.min.js?ver=1.4.5 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 00:41:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17164
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
boccalupo.com.mx/wp-content/plugins/aurora-heatmap/js/reporter.js?ver=1.5.6
192.185.131.153 200 OK 3.6 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/aurora-heatmap/js/reporter.js?ver=1.5.6
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f25c6bed362b2e530f7fb108e423a531
4edbc8df0e0251f076999992c1c536f6256c1708
5cf459ea433a5a1794f9bfe1420ed309ae468954a1e80addf469d6608f2be905
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/aurora-heatmap/js/reporter.js?ver=1.5.6 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 00:41:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3616
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
boccalupo.com.mx/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.14
192.185.131.153 200 OK 16 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.14
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash ef1f75a7e3a95466dbb541342d218497
aee4425ad15662a4a27ba4806773aee46be6b259
337aa9ca7c55b6580203aa0cfef8be8e42deb5441faacb9be21c0107347d3388
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.14 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:19:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16398
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
boccalupo.com.mx/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
192.185.131.153 409 Conflict 83 B URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 409 Conflict
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
boccalupo.com.mx/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
192.185.131.153 409 Conflict 83 B URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 409 Conflict
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
boccalupo.com.mx/wp-content/themes/brooklyn/js/ut-scriptlibrary.min.js?ver=4.9.7.4
192.185.131.153 200 OK 74 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn/js/ut-scriptlibrary.min.js?ver=4.9.7.4
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4a75f035e095d62669144778548c512c
8619ea3c338e6e37b0471c07a46e9d514f390223
97d7704039aeb4021b7b7494192590853e7d3cd6b2975e98acc7e27c9afc49ac
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/brooklyn/js/ut-scriptlibrary.min.js?ver=4.9.7.4 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:15:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
boccalupo.com.mx/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.14
192.185.131.153 200 OK 59 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.14
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45108)
Hash 41330b2074e42d731bb7590633510cc3
a87a478fb6cd5fd330fa2c74cd716674747b23da
a29e9fc8787d304e15afe256171a0bf91e0e8f09fb5339350cdd181b8c0c135f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.14 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:19:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
boccalupo.com.mx/wp-content/themes/brooklyn-child/style.css?ver=6.1.1
192.185.131.153 200 OK 158 B URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn-child/style.css?ver=6.1.1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 06ed1948b69f19e48b1fbdea3c80f587
d5dbea69eca4bcbbffd2dfec6e523fd8cd0ac5ec
6d570da262e7736f5a01cfcd87e6ed3f7c8eb25aa6fac8746411624157cbb6d0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/brooklyn-child/style.css?ver=6.1.1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:18:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 158
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
boccalupo.com.mx/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.131.153 200 OK 4.6 kB URL HTTP/1.1 boccalupo.com.mx/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 15:06:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7727
Expires: Tue, 06 Dec 2022 23:53:10 GMT
Date: Tue, 06 Dec 2022 21:44:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:39 GMT
age: 86084
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 86161
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 85822
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 85802
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 84895
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 83917
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
boccalupo.com.mx/wp-content/plugins/ut-shortcodes/js/ut.scplugin.min.js?ver=5.0.1
192.185.131.153 200 OK 14 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/ut-shortcodes/js/ut.scplugin.min.js?ver=5.0.1
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (45264), with no line terminators
Hash 4725282d8b38477c6ff87d3ab1526a0b
ca42c7fa54829a6d6c4f6e2c907406f812f77cff
c9e59da4a02921c754ffb31f1e0242ea3ee9402c31b22f5d9dc7bbb390d2784c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ut-shortcodes/js/ut.scplugin.min.js?ver=5.0.1 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 10 Aug 2022 18:18:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13989
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
boccalupo.com.mx/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.14
192.185.131.153 200 OK 133 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.14
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64288)
Size 133 kB (132914 bytes)
Hash 50265a35a2316644f4976db10a0da4af
bee99763d29e8fd4c8d5e76a8fafd6e720e9bb52
3093462593a9358dabbbe081b14e1a34ef7b74dcea2caf07a99a21a6859e32bc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.14 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:23 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2022 18:19:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
boccalupo.com.mx/wp-content/themes/brooklyn/js/ut-init.min.js?ver=4.9.7.4
192.185.131.153 200 OK 12 kB URL HTTP/1.1 boccalupo.com.mx/wp-content/themes/brooklyn/js/ut-init.min.js?ver=4.9.7.4
IP 192.185.131.153:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36518), with no line terminators
Hash fc759b54b2c1748a4d8a1c9e7c252b5a
01c38e31d44869d1ad4b0ccfe7eb03dba10690ec
9da524f0d34d435e2456982ff23d2652697fa70812a33f54ae161bc5acec4a70
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/brooklyn/js/ut-init.min.js?ver=4.9.7.4 HTTP/1.1
Host: boccalupo.com.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://boccalupo.com.mx/ue/?QBOT.zip
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:44:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 10 Aug 2022 18:15:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11723
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript