r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59be8dfdd6f4ab82f394d3d5b927e065
dc8e8f1bbae495f84322e5efd0c42a39ef5be56c
7f251408f64b28bebfe96f3db5c3dde3d5ad5febbaf2964b3516c114eaa51f4d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F251408F64B28BEBFE96F3DB5C3DDE3D5AD5FEBBAF2964B3516C114EAA51F4D"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2544
Expires: Tue, 01 Nov 2022 12:11:08 GMT
Date: Tue, 01 Nov 2022 11:28:44 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 8d024a7496f85cabcc9adc118bd9fbec
a1146d4bf5c3e21619777259206bec6cad36e7ea
247b9761f543b4d13fabf86390a1580f92b2b271e1801d99b11bbb1980eefe84
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 840
Cache-Control: max-age=166577
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:44 GMT
Etag: "6360e755-1d7"
Expires: Thu, 03 Nov 2022 09:45:01 GMT
Last-Modified: Tue, 01 Nov 2022 09:31:01 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 44ee7bbc64b0396b20a28944ea4ec4d2
dbb18d4238fa3a980e5c254ff25d3b39590b0159
2cc72ff87dcdabcb0a67d8dda7a7c440f8650ffe77f71602954a3076762be50a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC72FF87DCDABCB0A67D8DDA7A7C440F8650FFE77F71602954A3076762BE50A"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13881
Expires: Tue, 01 Nov 2022 15:20:05 GMT
Date: Tue, 01 Nov 2022 11:28:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Hqh39kjTUpPwBtPteFcEcnmEmCfV/9mmf7L8OmSqVejDqDcRUudAakmADdPZ+sRvI2Ma0PF3sRk=
x-amz-request-id: 5Q4PC77XZXG6PRBK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 01 Nov 2022 11:08:18 GMT
age: 1226
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 01 Nov 2022 11:28:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cabigoproperties.com/tae/qakbot.zip
301 Moved Permanently 0 B URL HTTP/1.1 cabigoproperties.com/tae/qakbot.zip
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tae/qakbot.zip HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Nov 2022 11:28:44 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: https://cabigoproperties.com/tae/qakbot.zip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
200 OK 471 B IP
Hash f9303161ce04577a7bcd56ce42831a56
690bf1468d25898db3ab46e03639946854ab25f0
40c380dba92d637574e7699ae184a089c090bab6f7215dc0178dadd8b23da43c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4588
Cache-Control: max-age=165269
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Etag: "6360d396-1d7"
Expires: Thu, 03 Nov 2022 09:23:14 GMT
Last-Modified: Tue, 01 Nov 2022 08:06:46 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
cabigoproperties.com/tae/qakbot.zip
404 Not Found 16 kB URL HTTP/1.1 cabigoproperties.com/tae/qakbot.zip
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1746), with CRLF, CR, LF line terminators
Hash d848df967f78789e943b0050ae437ed0
63d26fac0f484a8ccb7ab9eb3df446d7cae4712a
33c40422f4ae2337c54119c4bc08a06b07c64b0bdc0effbad7d1f48efb9046cd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tae/qakbot.zip HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Tue, 01 Nov 2022 11:28:44 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://cabigoproperties.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cabigoproperties.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1
200 OK 1.7 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1
IP
ASN #24940 Hetzner Online GmbH
Hash fc2e6559fc8d9fc13c67481ff30d7cc8
eabc53e08cc444b7255bd97f00f6611d2eb8538b
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 04 Apr 2018 09:52:37 GMT
Accept-Ranges: bytes
Content-Length: 1683
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j1TFH3kFC4EyjY4Xg2fYUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +yE4QP6RCB7hkonT6GenXxHsAxg=
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/font-awesome.css?ver=4.9.22
200 OK 10 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/font-awesome.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (372)
Hash 8077f730112ac61af92dbe59af5eec99
8611e62954d5ac567cc4069c1e9ecd9c409035e1
586cd64ffc23671ba4d240706b5c70a6f0c8386d8bdbaa1ff432b8990778d09a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/css/font-awesome.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 10287
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.css?ver=4.9.22
200 OK 40 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
Hash 61310c241a590f8cd07ff90573295974
928aa7826c8edda4a828a32b6478eaea6fd053ab
d9f811fd2f775eb175a1058381eb06cb5337c4a271f32e2ef5f7fdb528821a2f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 39838
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.2.4
200 OK 714 B URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.2.4
IP
ASN #24940 Hetzner Online GmbH
Hash 2897a0c3f763ec1962bb10f9bd91a8d4
643a38438c9b77bfe4bb734eaf8163e465733550
1b76de33158231663cff5a06d7096811800088d5989d3dc09e91ecb3063b4bb0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.2.4 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 04 Apr 2018 09:52:38 GMT
Accept-Ranges: bytes
Content-Length: 714
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/select2.min.css?ver=4.9.22
200 OK 15 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/select2.min.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15252)
Hash 9eae8f4b8994b638114b0aa9bf42376c
4ed5a9d7665084b0d2bf7f2b7bfeec26aa3dd171
66e73ba9dd198cf602f1ea29f85ac7f2959806b61de770d6b730bc19629a5896
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/css/select2.min.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 15253
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/jquery-ui.min.css?ver=4.9.22
200 OK 30 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/jquery-ui.min.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (28415)
Hash 073d373949b52a9910af5c6b81f3902a
90f5f497a2e9dd4c32be1a85b57c637b9e982f80
e5aa7733c90c6c61c702ac7329d78428d66b9edf12c675ea63b6d9002ea1ada9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/css/jquery-ui.min.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 30211
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/themes/larx/assets/plugins/bootstrap/css/bootstrap.min.css?ver=4.9.22
200 OK 110 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/plugins/bootstrap/css/bootstrap.min.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 110 kB (109522 bytes)
Hash 183cbc932a71b9db5f4f40314cd69816
f5a856fc2f19e68624ac42f769e89e82da5e954c
326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/plugins/bootstrap/css/bootstrap.min.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 109522
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
200 OK 37 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (36280), with CRLF line terminators
Hash d0d43fdc95f727e8d29f59752eaf29e1
ad86a2dd6af8637420bdf028ff9a6142308bef5c
fe860fab588a727cf34ebcd900ec31799c595d7c41dc635e3cae67bbd5999277
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:10:38 GMT
Accept-Ranges: bytes
Content-Length: 36653
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/themes/larx/style.css?ver=4.9.22
200 OK 4.7 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/style.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 8d1baf803804d74f9d4fd96fd6119745
2d5acdf2f993232d320c814cb549732840d80ba9
00e8a9b61fab5cddf9cac1ae4631b19ad9cb98081990f5e32f812628d659c666
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/style.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Thu, 17 Aug 2017 14:25:55 GMT
Accept-Ranges: bytes
Content-Length: 4664
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
200 OK 31 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 04 Apr 2018 09:52:37 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/templates.css?ver=4.9.22
200 OK 178 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/css/templates.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
Size 178 kB (177845 bytes)
Hash fe417492274de9fa79a552be4575e6b0
ea4ef068e6cfe1f87623e3f96c44f26541d36369
47df1e9571da7a7bd657061af2595681daf8c627339c81b1ef6f00d843a33741
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/css/templates.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 177845
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-content/themes/larx/assets/css/main.css?ver=4.9.22
200 OK 54 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/css/main.css?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (478), with CRLF line terminators
Hash 5c0fe522b19f31f3544b4fdf0930b451
66dcd1d4711a65d85e8711948a4f2cb68ae4eb8b
3ff8f160b9e3ef7fd4d29430125f8df1088d85d4db4d3f13c2315f52331519f5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/css/main.css?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 53516
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cabigoproperties.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200 OK 10 kB URL HTTP/1.1 cabigoproperties.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 05:11:28 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/js/public.js
200 OK 17 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/js/public.js
IP
ASN #24940 Hetzner Online GmbH
Hash 7fa9c45dbf856c005651807df143b30a
ae081f4b2863a1848f3c5e62d9b3f6fa9fe67f4d
e477df79e513433fdfe4cd4e9219f402e8b683f25115c7218801a218c8d4303e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/js/public.js HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 16859
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/js/jquery.form.js
200 OK 44 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/js/jquery.form.js
IP
ASN #24940 Hetzner Online GmbH
Hash f9dcce540e0f08d07119c841b5232d0a
cfcf63e59f55139d00f794e22fbb86d9788a1cfa
53ba88b54ef92b3eda340351de84220a344eef9847ec4df0c78d848aa43fe8bc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/js/jquery.form.js HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 43891
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
200 OK 97 kB URL HTTP/1.1 cabigoproperties.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31997)
Hash dc5ba5044fccc0297be7b262ce669a7c
f137ff98ae379e35b0702967d3b6866a0a40e3be
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 02:33:44 GMT
Accept-Ranges: bytes
Content-Length: 96874
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
200 OK 12 kB URL HTTP/1.1 cabigoproperties.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9063)
Hash fe0575b66568074463f12485d90f6d4c
aeedd9ab3b7874e63f647042963cb1301a38b391
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 23 Jun 2021 14:28:01 GMT
Accept-Ranges: bytes
Content-Length: 11943
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/js/jquery.uploadfile.min.js
200 OK 15 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/indeed-affiliate-pro/assets/js/jquery.uploadfile.min.js
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14604)
Hash f27577f0703c84b0ebc3e5dfba5ef74d
825b73f12fdc008ece702a12ff143ebf2a83b34d
909565159d7251575fc2348ce0f9a00ba179b6e83820d02349eedc7253bc3ba0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/indeed-affiliate-pro/assets/js/jquery.uploadfile.min.js HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Tue, 31 Jul 2018 11:09:58 GMT
Accept-Ranges: bytes
Content-Length: 14772
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
200 OK 108 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (27184), with CRLF line terminators
Size 108 kB (107526 bytes)
Hash e6b48b6ba78ddfe39bef9b6bf147543e
8950b7ef02baf1ea3a6bde99a613a5224216ab18
9a56320bb8bfb81dc997a1120c77ec017cffab4db5ba5482afb29129e0690540
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:10:38 GMT
Accept-Ranges: bytes
Content-Length: 107526
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
200 OK 62 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32020), with CRLF line terminators
Hash c6aad274820a8a57f2494d14b3497d66
2730c1917754ca911d61e62fea903e00b587c507
e1c96f6aa4b7b797791955bd3173fa7bf5407c91416b7ef4936805eccd28801f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:10:38 GMT
Accept-Ranges: bytes
Content-Length: 62391
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
200 OK 3.9 kB URL HTTP/1.1 cabigoproperties.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3704)
Hash e6784d91bf2c668bc4093063c5b15113
687e1d2e957a821280dbd205ae66182f16dfdc30
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 23 Jun 2021 14:28:01 GMT
Accept-Ranges: bytes
Content-Length: 3929
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
200 OK 15 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
IP
ASN #24940 Hetzner Online GmbH
Hash 7ed5bd9eec22bd9946b397ee4c978a9a
a2327cdc1c7b753fdbc4239e28b00ff717c71bdf
14b636e164af93d410a674e6479e7fa7f4a55fd7d11b1c608005bff6d413d02c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 04 Apr 2018 09:52:37 GMT
Accept-Ranges: bytes
Content-Length: 14551
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
200 OK 36 kB URL HTTP/1.1 cabigoproperties.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (35951)
Hash cb1f7699be677def94bc41a5d9da4f82
b1aff76bd04ba59abed8e19a71db339332d9e15d
131c19ca61ef3ab0c3199b1db78997ec2efb8327722cef4df46f09c4892d273d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 23 Jun 2021 14:28:01 GMT
Accept-Ranges: bytes
Content-Length: 36176
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/themes/larx/assets/plugins/bootstrap/js/bootstrap.min.js?ver=4.9.22
200 OK 32 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/plugins/bootstrap/js/bootstrap.min.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31650), with CRLF line terminators
Hash 987facf80adec365394402f2026b943d
755f3cfcc389a89194926fef94c7ab250fc71242
36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/plugins/bootstrap/js/bootstrap.min.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 31824
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/themes/larx/assets/js/retina.min.js?ver=4.9.22
200 OK 2.6 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/js/retina.min.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2352)
Hash d6d3252daec57ca544ccd11bdbff701f
4534879a052d14dcbab3347220fc707fd9406503
772aed2cf700b617330eaacbdbd55ae8e1ef89a8747d2880f095c65d843ee02e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/js/retina.min.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 2575
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c02f8cfeb5d8ec938bde86a8966f00d
7dc55d144bfbb789a8c7e5bf584697c2f2cd4e4f
55d5e19dccdd576ff492990021977abae84ee9acc24914f802880010c909f509
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cabigoproperties.com/wp-content/themes/larx/assets/plugins/moderniz.js?ver=4.9.22
200 OK 30 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/plugins/moderniz.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (3738), with CRLF line terminators
Hash 85e1d248068ba6599c95c39d1cdfa309
ed9ab5d54ef5fcb93065fdd723bb5bbfd7c52f0d
68f73bcb03fbd108c12e02f61f10c8034fa101c59e3f386cac3b1a7befcbbbed
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/plugins/moderniz.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 30169
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
200 OK 280 B IP
Hash 8854b0262a26752d04b3ec8f4667c716
03f7a90f6c13ef37945f344341b9cee5f975f155
6b0318286c9e72841df213f7b2861baebc94f62860948f7d134e265a38130b43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4469
Cache-Control: max-age=129520
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Etag: "63604868-118"
Expires: Wed, 02 Nov 2022 23:27:25 GMT
Last-Modified: Mon, 31 Oct 2022 22:12:56 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
cabigoproperties.com/wp-content/themes/larx/assets/plugins/jquery.sticky.js?ver=4.9.22
200 OK 5.8 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/plugins/jquery.sticky.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 4c4f1df9b09ba35c61344c57f92c6fe6
a86122806e3a0d9d3b08ff2055fe56575b8434c8
a5f2bb400b6d2e698089321adabbef2f7d758b1cd6dc97d98de231d2bfba8591
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/plugins/jquery.sticky.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 5824
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c02f8cfeb5d8ec938bde86a8966f00d
7dc55d144bfbb789a8c7e5bf584697c2f2cd4e4f
55d5e19dccdd576ff492990021977abae84ee9acc24914f802880010c909f509
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cabigoproperties.com/wp-content/plugins/clickdesk-live-support-chat-plugin/js/widget.js?ver=1.0.1
200 OK 491 B URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/clickdesk-live-support-chat-plugin/js/widget.js?ver=1.0.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash f37f194ddbf370f93d13068521a52ca1
116307a2cab2fb1721e0ece70bb8e54e86a8d7d4
74a59b448e97098501f77c0d2dbedf03157ba1fa62163f0d64f37035b3be4719
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/clickdesk-live-support-chat-plugin/js/widget.js?ver=1.0.1 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Thu, 24 Aug 2017 07:45:31 GMT
Accept-Ranges: bytes
Content-Length: 491
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ff8f7daa3e3cf5fd5bd540f75584790
a751a98efc3dc413002861eaa50f4bee27f67546
404550d1969f2e833e4e907df558c9980e77f7c77f2b0bce81c0b5dd0a69a1e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cabigoproperties.com/wp-content/themes/larx/assets/plugins/parallax.min.js?ver=4.9.22
200 OK 6.1 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/plugins/parallax.min.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5890)
Hash 4cbd6ebe2d985932411a5f884cd0ffe0
015238a2558b85ee95007f9028285715b9bfb7ab
9f478a91163c4b569e5bc2a46a2ca28bff93e2772912aa186f8ab0e4778c7172
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/plugins/parallax.min.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 6073
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/themes/larx/assets/js/app.js?ver=4.9.22
200 OK 1.8 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/js/app.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
Hash e0d6efec328b3df32b5b7bbd261366f6
2f334a0c7b77ab7c82d1c3a728f1dd9eb89dcd5f
1b9d976f1f9fe6d857fa63aba2acfb89a8e028e13d76f96887474f72f23e78db
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/js/app.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 1825
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c02f8cfeb5d8ec938bde86a8966f00d
7dc55d144bfbb789a8c7e5bf584697c2f2cd4e4f
55d5e19dccdd576ff492990021977abae84ee9acc24914f802880010c909f509
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cabigoproperties.com/wp-includes/js/wp-embed.min.js?ver=4.9.22
200 OK 1.4 kB URL HTTP/1.1 cabigoproperties.com/wp-includes/js/wp-embed.min.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Wed, 23 Jun 2021 14:28:01 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
cabigoproperties.com/wp-content/themes/larx/assets/plugins/bg-animation.js?ver=4.9.22
200 OK 2.5 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/plugins/bg-animation.js?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d01e23c656bb53494b1c05d3c8ceea5e
d27c1a1f65059feedfb1fe85710df02a5cfff977
4f7acf20fd14be19ff3eb9c33d6b879252a8a24496e17a0b41aa72c061345298
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/plugins/bg-animation.js?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Last-Modified: Mon, 14 Aug 2017 15:03:02 GMT
Accept-Ranges: bytes
Content-Length: 2508
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtag/js?id=UA-113472950-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113472950-1
IP
File type ASCII text, with very long lines (1296)
Hash 2c67dc9fb0ed37913fb4a9c1696e5ac7
aaa5a67b38221ca9d827e4f65ac1ee47b031d912
deae6029c5220ffa0842149947368e20dd7a2dbaf6c6ddec087f3d32b03bb385
GET /gtag/js?id=UA-113472950-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 01 Nov 2022 11:28:45 GMT
expires: Tue, 01 Nov 2022 11:28:45 GMT
cache-control: private, max-age=900
last-modified: Tue, 01 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c02f8cfeb5d8ec938bde86a8966f00d
7dc55d144bfbb789a8c7e5bf584697c2f2cd4e4f
55d5e19dccdd576ff492990021977abae84ee9acc24914f802880010c909f509
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ff8f7daa3e3cf5fd5bd540f75584790
a751a98efc3dc413002861eaa50f4bee27f67546
404550d1969f2e833e4e907df558c9980e77f7c77f2b0bce81c0b5dd0a69a1e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cabigoproperties.com/wp-content/themes/larx/assets/css/style-dynamic.php?ver=4.9.22
200 OK 3.2 kB URL HTTP/1.1 cabigoproperties.com/wp-content/themes/larx/assets/css/style-dynamic.php?ver=4.9.22
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 552ab12a7e46181178d4966104e753c2
e68c270178f5cfd768c01ac05d29d9c40f63d898
f85658726f77c6f2ca26d746da401c9d1a797a52dae69f9b6405a5ee7c02432f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/larx/assets/css/style-dynamic.php?ver=4.9.22 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:45 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;;charset=UTF-8
cabigoproperties.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 cabigoproperties.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cabigoproperties.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:46 GMT
Server: Apache
Last-Modified: Wed, 04 Apr 2018 09:52:37 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a83e1b471c9170b115bb17be15dec6e0
4ecf78fbf48c50a11aaf863e19d885e838942cd4
efcb6f590daaf9a6974426ab1b2fe7a68b43fe4eb1b28eeaeac17f45935e5a49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a83e1b471c9170b115bb17be15dec6e0
4ecf78fbf48c50a11aaf863e19d885e838942cd4
efcb6f590daaf9a6974426ab1b2fe7a68b43fe4eb1b28eeaeac17f45935e5a49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:100,400,300,500,600,700
200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:100,400,300,500,600,700
IP
Hash 22f15a6a7881d0b8a90ea787e18d5de3
06d03d713c772b9fc71169c5986cd9ad2959e6cc
c8ba7f319dcc484d21906d947b68d3bbc5452d7051d9db24505de0fb9e53a682
GET /css?family=Open+Sans:100,400,300,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 01 Nov 2022 11:28:45 GMT
date: Tue, 01 Nov 2022 11:28:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.mailerlite.com/css/universal.css?v4
200 OK 812 B URL HTTP/2 static.mailerlite.com/css/universal.css?v4
IP
Hash 2522762246cb3278b85918bc8e60e7f7
28ff6a8e7826a482cae9e7db9f4190e698b89a28
79c34f268aa4bcaafd48e773f5dae3ef560646eadb290ad05e392cde3a701802
GET /css/universal.css?v4 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 01 Nov 2022 11:28:46 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 12:23:02 GMT
vary: Accept-Encoding
etag: W/"635fbe26-30e"
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
age: 250
expires: Sun, 06 Nov 2022 11:28:46 GMT
cache-control: public, max-age=432000
server: cloudflare
cf-ray: 763449f07a081c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 93a1ec02804f04f732c1cb4092c09791
1afcde916d3fa34cc87b73815f6ce2edd849459e
c2c613b51c694b92aba163e8c1cb0e273cf5fa088d6712b65572556c6c4b32e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3707
Cache-Control: max-age=90977
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:46 GMT
Etag: "635fb4d4-1d7"
Expires: Wed, 02 Nov 2022 12:45:03 GMT
Last-Modified: Mon, 31 Oct 2022 11:43:16 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 471
my.clickdesk.com/clickdesk-ui/browser/livechat-new.js
200 OK 445 B URL HTTP/2 my.clickdesk.com/clickdesk-ui/browser/livechat-new.js
IP
File type ASCII text, with very long lines (804), with no line terminators
Hash de2b08853849df82dbc6a70ed632198b
370f44450b8a6b8e7bbdae5486b3bbe2870c1a41
83e7386a39ae45ef8de28316a28a24f83911c2e670486efca6d36a5c04a5dbb3
GET /clickdesk-ui/browser/livechat-new.js HTTP/1.1
Host: my.clickdesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: 1b8087f55411e966362658f667a50ea2
content-encoding: gzip
server: Google Frontend
content-length: 445
date: Tue, 01 Nov 2022 11:02:55 GMT
expires: Tue, 01 Nov 2022 12:02:55 GMT
cache-control: public, max-age=3600
age: 1551
etag: "RQgK4w"
content-type: application/javascript
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 01 Nov 2022 13:41:38 GMT
Date: Tue, 01 Nov 2022 11:28:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 01 Nov 2022 13:41:38 GMT
Date: Tue, 01 Nov 2022 11:28:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbc7baad-e067-4cde-8525-ef8356465601.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbc7baad-e067-4cde-8525-ef8356465601.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44a43638c497d10c7fa7dadd6a6afeb9
893fb3f21b144d0e3a810a2314ffaa7e8e40818c
605355c2b14d335aabfd83a6fa49d61fb804388d6a156c8d47fbbb127f932ca6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbc7baad-e067-4cde-8525-ef8356465601.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7531
x-amzn-requestid: 36cd2bee-2c06-4195-9b27-8a6e218694da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a47IuF1nIAMFrBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63603f04-04202d745190ba251e14785c;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 21:32:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VqMJ5xa4fKEFjM8ioRilgqN0DMxQjXOAYCPFq30hEcIVlI8AqNZulA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 21:50:40 GMT
age: 49086
etag: "893fb3f21b144d0e3a810a2314ffaa7e8e40818c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 01 Nov 2022 13:41:38 GMT
Date: Tue, 01 Nov 2022 11:28:46 GMT
Connection: keep-alive
d1gwclp1pmzk26.cloudfront.net/livechat-cloud-new.js
200 OK 455 B URL HTTP/1.1 d1gwclp1pmzk26.cloudfront.net/livechat-cloud-new.js
IP
File type ASCII text, with very long lines (791), with no line terminators
Hash 084380edc50016029e7866ad51f124ea
00e8ba2803182343cd42891f56317c20eb7ce258
a595a448c1ded5731458e0f5ac99a736641f2b13685ee134382a77bf0c12a68d
GET /livechat-cloud-new.js HTTP/1.1
Host: d1gwclp1pmzk26.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.2.4
Last-Modified: Fri, 08 May 2020 15:02:50 GMT
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 00:25:39 GMT
Expires: Fri, 04 Nov 2022 00:25:39 GMT
Cache-Control: max-age=2592000, public
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NEu-czBv2gMkY3805mioo8csEqUSJArPQoNjBOm_tRJsffoycs8bFA==
Age: 2371341
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F870b6a56-8e8b-4d96-b7fc-d01d12918f34.jpeg
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F870b6a56-8e8b-4d96-b7fc-d01d12918f34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1447ed9251d68d1247d794e599940ba
e665dbd5ff52eb3821ef8f20bf68e062735e8cc1
e9c285b9251938b3be1f78de42673102566732dc3ebdc216ad78d27bea775a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F870b6a56-8e8b-4d96-b7fc-d01d12918f34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4592
x-amzn-requestid: a24e40d7-41fd-40b4-84fb-aa8893dddebb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a49JIHfOoAMFuyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6360423a-217c4b2b3fa121d6684fe27b;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 21:46:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GrzVxGuoND0p5dXaO7Tz2Nmah7j9FvhjAaSuaIte0KjSfzXN_DRlKQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 21:46:43 GMT
age: 49323
etag: "e665dbd5ff52eb3821ef8f20bf68e062735e8cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 01 Nov 2022 13:41:38 GMT
Date: Tue, 01 Nov 2022 11:28:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Tue, 01 Nov 2022 13:41:38 GMT
Date: Tue, 01 Nov 2022 11:28:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55f392ea73e9746f7edb30e319646c4b
09b052e39f5493c2c2b79d92e81e510aeffbfcb4
9a5b1575ed3a943be74e212f41f122178dcf4c89ef0d78eb8cc761508cd453d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9023
x-amzn-requestid: 599a15c5-bd47-4c30-91e5-b445da7e66f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwvQHCsIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e61-1d36740311e6b1e531d44767;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:08:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uchqnCPglDy6DsLjM-7A1Df4hvJ_XeKZJOyqFs7hIb27ZyP14qz-Ew==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 13:42:50 GMT
age: 78356
etag: "09b052e39f5493c2c2b79d92e81e510aeffbfcb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 01 Nov 2022 10:41:09 GMT
expires: Tue, 01 Nov 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 2857
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.mailerlite.com/users/login/
302 Found 13 kB URL HTTP/2 static.mailerlite.com/users/login/
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 281dca95523260bde1cbf14f8c94a0ba
029b2b42401a705d079349e54d344644d52a66e6
4f22b40e7032e53dfa13055863b28c7a83b50454f7ffd77f72f4baab847aa3fa
GET /users/login/ HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cabigoproperties.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 01 Nov 2022 11:28:46 GMT
content-type: text/html; charset=utf-8
location: https://www.mailerlite.com
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR HONK CAO PSA OUR"
set-cookie: PHPSESSID=9323f7d3e12394f82c6959770cc5bb1c; path=/; secure; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 763449f15ad41c02-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f383658dc0a4c3d266c7a94f48b68945
02ece923bba113325e620e2778c7566eace3d288
566920c0c4f433b5045facfd86ef90d332de7c35b21f99212c4d204a3a02dab0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6475
Cache-Control: max-age=170035
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:46 GMT
Etag: "6360ded6-1d7"
Expires: Thu, 03 Nov 2022 10:42:41 GMT
Last-Modified: Tue, 01 Nov 2022 08:54:46 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89601606-2e4d-4b62-aeeb-7e8997a52ce3.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89601606-2e4d-4b62-aeeb-7e8997a52ce3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bf7660b9e00a5f8d8f679acedb380a9
958646e7e4853effc9e36623d52ea689ebfba4a5
44c542b354d59190c5b0c8e617ce50f97ba9fa7ab53bf38f12f631baa036c753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89601606-2e4d-4b62-aeeb-7e8997a52ce3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 4091af6c-12db-4170-bff5-427fc438996a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a4856GKOoAMFy7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636041d8-12b6531565ef9701489867f3;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 21:44:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _xbd2-UlCzc7l85GTu8sWkHb2zTD5a1hOQf9VIffktjSyzWQeMH-8w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 22:02:10 GMT
age: 48396
etag: "958646e7e4853effc9e36623d52ea689ebfba4a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4402157-b00a-4732-b2df-0f3e2b655219.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4402157-b00a-4732-b2df-0f3e2b655219.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09a2a14bf888ca33df5b059c73f89f8
289a0c698c3a826f0614f6dec56d15c2c3320519
946007230f6cdd732a1c6bf3aa4073738ac426cdfda843cd9a9981f122fb8608
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4402157-b00a-4732-b2df-0f3e2b655219.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4456
x-amzn-requestid: 58bbf579-518e-4db6-b5a7-729aa207437e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a47JZH56oAMFraw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63603f08-6c2770552a9f25b14ac3e32a;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 21:32:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CXGpDRQzYxI-0aHpKiU-GhPoEJaKEdn9k5AYJqlx3rUvpMG2IVp-Ew==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 21:50:40 GMT
age: 49086
etag: "289a0c698c3a826f0614f6dec56d15c2c3320519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: c5X37cTL2kgT+GIdeswoxHexm+n+o7sKhuceJ2AH8d5Cc2Q7RfS6+B5NDpo1QtHcjPVF4oYZDBZ0goIEYta84w==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Tue, 01 Nov 2022 11:28:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cabigoproperties.com/favicon.ico
200 OK 0 B URL HTTP/1.1 cabigoproperties.com/favicon.ico
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: cabigoproperties.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/tae/qakbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 01 Nov 2022 11:28:46 GMT
Server: Apache
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/vnd.microsoft.icon
ocsp.digicert.com/
200 OK 471 B IP
Hash f383658dc0a4c3d266c7a94f48b68945
02ece923bba113325e620e2778c7566eace3d288
566920c0c4f433b5045facfd86ef90d332de7c35b21f99212c4d204a3a02dab0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6475
Cache-Control: max-age=170035
Content-Type: application/ocsp-response
Date: Tue, 01 Nov 2022 11:28:46 GMT
Etag: "6360ded6-1d7"
Expires: Thu, 03 Nov 2022 10:42:41 GMT
Last-Modified: Tue, 01 Nov 2022 08:54:46 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
d1gwclp1pmzk26.cloudfront.net/4-8/widget-js/browser/min/livechat-v2.js
200 OK 98 kB URL HTTP/1.1 d1gwclp1pmzk26.cloudfront.net/4-8/widget-js/browser/min/livechat-v2.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 29cb1eb884ee29f2cc0c6e04cdd81289
5c3b3042ef42f766fefee733aa380558707b990a
3747b61fb2bcf095e3d696f2bce23fbfeab56bed0c81eb77096f5fd673864a15
GET /4-8/widget-js/browser/min/livechat-v2.js HTTP/1.1
Host: d1gwclp1pmzk26.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.2.4
Date: Tue, 04 Oct 2022 03:13:51 GMT
Last-Modified: Fri, 08 May 2020 13:57:00 GMT
Expires: Thu, 03 Nov 2022 03:13:51 GMT
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h7t0LxXGjWEXG0X7u7yzXpYZi11Y4nnbl9ajxGRDhZoKiJA57ITxsQ==
Age: 2447649
www.facebook.com/tr/?id=1536088459779953&ev=PageView&dl=https%3A%2F%2Fcabigoproperties.com%2Ftae%2Fqakbot.zip&rl=&if=false&ts=1667302121511&cd[source]=wordpress&cd[version]=4.9.22&cd[pluginVersion]=1.7.5&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-4.9.22-1.7.5&ec=0&o=28&fbp=fb.1.1667302121510.1485604592&it=1667302121319&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1536088459779953&ev=PageView&dl=https%3A%2F%2Fcabigoproperties.com%2Ftae%2Fqakbot.zip&rl=&if=false&ts=1667302121511&cd[source]=wordpress&cd[version]=4.9.22&cd[pluginVersion]=1.7.5&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-4.9.22-1.7.5&ec=0&o=28&fbp=fb.1.1667302121510.1485604592&it=1667302121319&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1536088459779953&ev=PageView&dl=https%3A%2F%2Fcabigoproperties.com%2Ftae%2Fqakbot.zip&rl=&if=false&ts=1667302121511&cd[source]=wordpress&cd[version]=4.9.22&cd[pluginVersion]=1.7.5&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-4.9.22-1.7.5&ec=0&o=28&fbp=fb.1.1667302121510.1485604592&it=1667302121319&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Nov 2022 11:28:47 GMT
X-Firefox-Spdy: h2
my.clickdesk.com/rest/visitor/widget/preferences?widget_id=all_ag9zfmNsaWNrZGVza2NoYXRyEgsSBXVzZXJzGICAoN_i5qAJDA&url=https%3A%2F%2Fcabigoproperties.com%2Ftae%2Fqakbot.zip
200 OK 1.5 kB URL HTTP/2 my.clickdesk.com/rest/visitor/widget/preferences?widget_id=all_ag9zfmNsaWNrZGVza2NoYXRyEgsSBXVzZXJzGICAoN_i5qAJDA&url=https%3A%2F%2Fcabigoproperties.com%2Ftae%2Fqakbot.zip
IP
File type ASCII text, with very long lines (4028), with no line terminators
Hash b0dd953b3e4ab5e71255e3bab04e5175
629f8cfc46b08c0f536e218e62a9644ebcd2b6b3
674791a4337952a6ecdc6697efa7bb05f062b4a37e88920dee56fbe2b8372226
GET /rest/visitor/widget/preferences?widget_id=all_ag9zfmNsaWNrZGVza2NoYXRyEgsSBXVzZXJzGICAoN_i5qAJDA&url=https%3A%2F%2Fcabigoproperties.com%2Ftae%2Fqakbot.zip HTTP/1.1
Host: my.clickdesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Tue, 01 Nov 2022 11:28:47 GMT
content-type: application/x-javascript;charset="utf-8"
content-encoding: gzip
x-cloud-trace-context: 7f761a292aa23247f105d337e5e78c40
vary: Accept-Encoding
date: Tue, 01 Nov 2022 11:28:47 GMT
server: Google Frontend
cache-control: private
content-length: 1544
X-Firefox-Spdy: h2
d1gwclp1pmzk26.cloudfront.net/img/warning.png
200 OK 989 B URL HTTP/1.1 d1gwclp1pmzk26.cloudfront.net/img/warning.png
IP
File type PNG image data, 39 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 7275c06a13b7c962c59bde97e4616902
3a99efbceb780f22a7fb825455b9e9e628788769
bcf956daf4d2b299454751fb4120fe95e1c0f262d9c0a25f72dd83cfadcddeee
GET /img/warning.png HTTP/1.1
Host: d1gwclp1pmzk26.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 989
Connection: keep-alive
Server: nginx/1.2.4
Last-Modified: Tue, 22 Nov 2016 04:38:30 GMT
Accept-Ranges: bytes
Date: Thu, 27 Oct 2022 19:01:43 GMT
Expires: Sat, 26 Nov 2022 18:39:11 GMT
Cache-Control: max-age=2592000, public
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3zXPQUdzwm5WjtUr95-ZW01Ow8rQBC3gsKuVguil-9E_Ix_j8JrpHw==
Age: 404907
d1gwclp1pmzk26.cloudfront.net/img/ajax-loader-cursor.gif
200 OK 545 B URL HTTP/1.1 d1gwclp1pmzk26.cloudfront.net/img/ajax-loader-cursor.gif
IP
File type GIF image data, version 89a, 16 x 11\012- data
Hash fb947b5107ee9a4cbb1a7299459d46ae
a9ac1353c702d1d8bd7b1816ce7e4411b6ec14bf
01660019227d7e88b38c8ff7ec68f7d110725dc8ca92db6b2dd2892dfc519d4c
GET /img/ajax-loader-cursor.gif HTTP/1.1
Host: d1gwclp1pmzk26.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 545
Connection: keep-alive
Server: nginx/1.2.4
Date: Wed, 26 Oct 2022 01:14:36 GMT
Last-Modified: Tue, 22 Nov 2016 04:38:29 GMT
Expires: Fri, 25 Nov 2022 01:14:36 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qFw4ofhbGfBb6H_KTzKg4uTMWQsl1xzEzjqTIhtAUHv5GBNeoO_4Fg==
Age: 553984
d1gwclp1pmzk26.cloudfront.net/4-8/widget-css/ultra/packed/241b3b.css
200 OK 12 kB URL HTTP/1.1 d1gwclp1pmzk26.cloudfront.net/4-8/widget-css/ultra/packed/241b3b.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 977df921669e1562dafc911721c37d6d
e0b201a6e70202bb520d8ff4956a30c3e83e9ee6
352375ac8a53515e3158a981d59d62d6f229bf0cf3da3e7aed64653db97ec0e3
GET /4-8/widget-css/ultra/packed/241b3b.css HTTP/1.1
Host: d1gwclp1pmzk26.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.2.4
Last-Modified: Fri, 08 May 2020 13:56:59 GMT
Content-Encoding: gzip
Date: Wed, 26 Oct 2022 01:59:44 GMT
Expires: Fri, 25 Nov 2022 01:59:44 GMT
Cache-Control: max-age=2592000, public
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ESPGJ6tnFYTRbXgTfehani26Y4MNAC461QWMjh2mDyGY735ihGRTrw==
Age: 551276
d1gwclp1pmzk26.cloudfront.net/clickdesk-ui/browser/img/ultra-modern-sprite.png
200 OK 543 B URL HTTP/1.1 d1gwclp1pmzk26.cloudfront.net/clickdesk-ui/browser/img/ultra-modern-sprite.png
IP
File type PNG image data, 239 x 79, 8-bit colormap, non-interlaced\012- data
Hash 9c492b95a8a4fb4919d69f3ca3c26cd2
64c399255ec3c1392d20f955fd68a4921c7aadb1
d6ec0348904cffe3297768882553fe5a2cc14bb4b7b38ae1ac858eef2f35a337
GET /clickdesk-ui/browser/img/ultra-modern-sprite.png HTTP/1.1
Host: d1gwclp1pmzk26.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1gwclp1pmzk26.cloudfront.net/4-8/widget-css/ultra/packed/241b3b.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 543
Connection: keep-alive
Server: nginx/1.2.4
Date: Thu, 06 Oct 2022 05:07:55 GMT
Last-Modified: Wed, 05 Feb 2014 12:14:53 GMT
Expires: Sat, 05 Nov 2022 05:07:55 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9QcbirxB0DNC1ZOlE3Gi6rWby5QFLtWWFZ2sFIsX3D1vTH_B-COlRA==
Age: 2268004
my.clickdesk.com/rest/visitor/proactive?widget_id=all_ag9zfmNsaWNrZGVza2NoYXRyEgsSBXVzZXJzGICAoN_i5qAJDA&callback=json40466782089145646
200 OK 616 B URL HTTP/2 my.clickdesk.com/rest/visitor/proactive?widget_id=all_ag9zfmNsaWNrZGVza2NoYXRyEgsSBXVzZXJzGICAoN_i5qAJDA&callback=json40466782089145646
IP
File type ASCII text, with very long lines (2211), with CRLF line terminators
Hash 25ccf6c94f3fc218cd9fe65b3da041ad
4be8fa40345d6924bd69eaa278d01950f6b5ab80
b829c416334e0bd59d0f8586be5c9af81a86a914551b7ad220cc4fd24f34ef1a
GET /rest/visitor/proactive?widget_id=all_ag9zfmNsaWNrZGVza2NoYXRyEgsSBXVzZXJzGICAoN_i5qAJDA&callback=json40466782089145646 HTTP/1.1
Host: my.clickdesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript;charset="utf-8"
content-encoding: gzip
x-cloud-trace-context: 1579ed407499591ecf0b2eb5372305f3
vary: Accept-Encoding
date: Tue, 01 Nov 2022 11:28:47 GMT
server: Google Frontend
cache-control: private
content-length: 616
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6ad09de70e072b50cb1ad00532be000c
10510a818606bd58217a599ec8968a7d343cb485
b3066eff581ad5728e5c7a70823452a3145bd26ada52086b80e679b1d8d87c82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90937
Date: Tue, 01 Nov 2022 11:28:47 GMT
Etag: "635fb098-1d7"
Expires: Wed, 02 Nov 2022 12:44:24 GMT
Last-Modified: Mon, 31 Oct 2022 11:25:12 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: k8z3eszzCSHf7i5F390rx7p9vfaCyYzDc6lxbonHEGrJmq06mQ5tkA==
Age: 4752
s3.amazonaws.com/agilecrm/panel/uploaded-logo/1515658950393?id=upload-container
200 OK 185 kB URL HTTP/1.1 s3.amazonaws.com/agilecrm/panel/uploaded-logo/1515658950393?id=upload-container
IP
File type PNG image data, 340 x 340, 8-bit/color RGBA, non-interlaced\012- data
Size 185 kB (185004 bytes)
Hash 4feaacb3d67b8efe7861c59577403d68
65b847f6fb9bd451b65165487a92bd6cb598321a
0f58f4842797ccb6856f244834fa6885dc9c26e704d1639d34c7903548b01cba
GET /agilecrm/panel/uploaded-logo/1515658950393?id=upload-container HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: A7OPMyN1SOhVThjRikLrWGHOwwZbg3UxG8v1h8qO4HQAi6wscq/QeZin3QCfsgDsrrLm01M1Ylk=
x-amz-request-id: XR6RE1WKKSZTAZP3
Date: Tue, 01 Nov 2022 11:28:48 GMT
Last-Modified: Thu, 11 Jan 2018 08:22:49 GMT
ETag: "4feaacb3d67b8efe7861c59577403d68"
Accept-Ranges: bytes
Content-Type: image/*
Server: AmazonS3
Content-Length: 185004
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda5ce4b-af3b-4a54-90ae-66ca2bd79c74.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda5ce4b-af3b-4a54-90ae-66ca2bd79c74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad9ea47c35e2e8616f6a5ba094bf9557
76637be143eba92551ca16d0c688bf452b2268f2
e4422a077bb7f374b27ac89a2669bcfe8aad7fa2ce93fd8978c4c11d64a19630
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbda5ce4b-af3b-4a54-90ae-66ca2bd79c74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9228
x-amzn-requestid: 0345b7ec-cbab-456d-89dc-ed5eb66bf7da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a49cnEvKoAMFoag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636042b6-66f23f3158287e0b4ac3f1a6;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 21:48:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sOGvrZcop6CUthLY9if2t39bX7of62zyW-GHAhV3Yn5hCXW3x6cTQA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 22:05:04 GMT
age: 48229
etag: "76637be143eba92551ca16d0c688bf452b2268f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%2C100%2C300%2C500%2C700&ver=4.9.22
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%2C100%2C300%2C500%2C700&ver=4.9.22
IP
GET /css?family=Raleway%3A400%2C100%2C300%2C500%2C700&ver=4.9.22 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 01 Nov 2022 11:28:45 GMT
date: Tue, 01 Nov 2022 11:28:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.mailerlite.com/data/a/1050/1050898/universal/y6e1f9w1a2_popups.js?v=1667302120
302 Found 0 B URL HTTP/2 static.mailerlite.com/data/a/1050/1050898/universal/y6e1f9w1a2_popups.js?v=1667302120
IP
GET /data/a/1050/1050898/universal/y6e1f9w1a2_popups.js?v=1667302120 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 01 Nov 2022 11:28:46 GMT
content-type: text/html; charset=utf-8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR HONK CAO PSA OUR"
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /users/login/
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 763449f07a091c02-OSL
X-Firefox-Spdy: h2
www.mailerlite.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: www.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cabigoproperties.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 01 Nov 2022 11:28:46 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 31 Oct 2022 11:59:58 GMT
vary: Accept-Encoding
etag: W/"635fb8be-2ad32"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 763449f27c301c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.mailerlite.com/js/jquery.validate.min.js?ver=4.9.22
200 OK 0 B URL HTTP/2 static.mailerlite.com/js/jquery.validate.min.js?ver=4.9.22
IP
GET /js/jquery.validate.min.js?ver=4.9.22 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 01 Nov 2022 11:28:45 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 12:23:11 GMT
vary: Accept-Encoding
etag: W/"635fbe2f-5415"
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
age: 3620
expires: Sun, 06 Nov 2022 11:28:45 GMT
cache-control: public, max-age=432000
server: cloudflare
cf-ray: 763449ee3feb1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600%2C700&ver=4.9.22
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600%2C700&ver=4.9.22
IP
GET /css?family=Open+Sans%3A400%2C300%2C600%2C700&ver=4.9.22 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 01 Nov 2022 11:28:45 GMT
date: Tue, 01 Nov 2022 11:28:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:100,400,300,600,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:100,400,300,600,700
IP
GET /css?family=Oswald:100,400,300,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 01 Nov 2022 11:28:45 GMT
date: Tue, 01 Nov 2022 11:28:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,100,300,500,600,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,100,300,500,600,700
IP
GET /css?family=Roboto:400,100,300,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 01 Nov 2022 11:28:45 GMT
date: Tue, 01 Nov 2022 11:28:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:300,400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,700
IP
GET /css?family=Oswald:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cabigoproperties.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 01 Nov 2022 11:28:45 GMT
date: Tue, 01 Nov 2022 11:28:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
116.202.175.241
142.250.74.10
31.13.72.36
93.184.220.29
23.36.76.226
0.0.0.0