r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11531
Expires: Tue, 10 Jan 2023 00:52:46 GMT
Date: Mon, 09 Jan 2023 21:40:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8463
Expires: Tue, 10 Jan 2023 00:01:38 GMT
Date: Mon, 09 Jan 2023 21:40:35 GMT
Connection: keep-alive
www.cvrmasterhoa.com/
199.34.228.159 301 Moved Permanently 362 B IP 199.34.228.159:0
File type HTML document text, exported SGML document, ASCII text
Hash 02b738049beddfbae1371fa14daa0ccb
178b83a9cfe623c0ca5558fc984e6c61451620fe
19c26b0844e7108c30e0667d1f11b76b78fdc716c7949f99e0816ce747638a20
GET / HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 09 Jan 2023 21:40:35 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.cvrmasterhoa.com
Vary: X-W-SSL,User-Agent
Location: https://www.cvrmasterhoa.com/
X-Host: grn118.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 362
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11704
Expires: Tue, 10 Jan 2023 00:55:39 GMT
Date: Mon, 09 Jan 2023 21:40:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 20:48:26 GMT
content-type: application/json
age: 3129
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KsVrbYY8zEAECxE3RmUyz295m66k621CtbyrvfzB7o7E1wcdeGi8asSkuHTy2jjKedFHtE6QHH0=
x-amz-request-id: 3JK1KFNZ139BQAV4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 21:01:23 GMT
age: 2352
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 21:40:35 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 21:17:22 GMT
age: 1394
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 79c786d968389570ea2b5fb5260d5b60
7ec30768ea42658edf5a53c13f7cb22fd28f2655
5bebe6456e30ec60e3e582ed05fad6351e91e90a3c2d97186fb861d9df957182
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BEBE6456E30EC60E3E582ED05FAD6351E91E90A3C2D97186FB861D9DF957182"
Last-Modified: Sun, 08 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 10 Jan 2023 03:40:36 GMT
Date: Mon, 09 Jan 2023 21:40:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e8e0c910ffff02061a1806b1aa8cf9d2
c5bf0e7ad96e89b17a657fcb1e1cd1aa6d15ab89
896f08fa0030a1313df1f05ef47c5d1f11caa9094380fc026b95193164005448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 388
Cache-Control: max-age=127960
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:36 GMT
Etag: "63bbd928-1d7"
Expires: Wed, 11 Jan 2023 09:13:16 GMT
Last-Modified: Mon, 09 Jan 2023 09:06:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
cdn2.editmysite.com/css/sites.css?buildTime=1673052315
151.101.129.46 200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1673052315
IP 151.101.129.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1673052315 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Sat, 07 Jan 2023 00:20:28 GMT
etag: W/"63b8bacc-347ac"
expires: Sat, 21 Jan 2023 00:48:22 GMT
cache-control: max-age=1209600
x-host: blu48.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 247934
x-served-by: cache-sjc10038-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 216
x-timer: S1673300437.557389,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.214.111.16 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.214.111.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zMtfER1a9LjAJ3PVLbpcDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UTA7QrKHcI7bSjdR1LFHvMKNjh4=
cdn2.editmysite.com/js/jquery-1.8.3.min.js
151.101.129.46 200 OK 34 kB URL HTTP/2 cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP 151.101.129.46:0
File type ASCII text, with very long lines (65483)
Hash 67a5a77f65f13559b3d723829f2e0108
5e861ec7c2993abffc3591d6132c47bc7cdc3e98
ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:54:04 GMT
etag: "639cccdc-16dc4"
expires: Tue, 10 Jan 2023 23:08:14 GMT
cache-control: max-age=1209600
x-host: grn127.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 1117943
x-served-by: cache-sjc10032-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 19, 3106
x-timer: S1673300437.559709,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1673052315&
151.101.129.46 200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1673052315&
IP 151.101.129.46:0
File type ASCII text, with very long lines (65024)
Hash db51c112ec84c20205d2bb0c609b12bb
95145a5ca01c0c404f9143b25f22b93a15e7fa3f
2136f467e2f6295a5978f160521626ee3b2295ed3611e5a6750869dfe37c236e
GET /js/lang/en/stl.js?buildTime=1673052315& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Sat, 07 Jan 2023 00:19:24 GMT
etag: "63b8ba8c-2c2a4"
expires: Sat, 21 Jan 2023 00:48:22 GMT
cache-control: max-age=1209600
x-host: grn39.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 247934
x-served-by: cache-sjc10042-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 58, 11
x-timer: S1673300437.559827,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32827
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1673052315
151.101.129.46 200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1673052315
IP 151.101.129.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1673052315 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Sat, 07 Jan 2023 00:20:34 GMT
etag: "63b8bad2-f47"
expires: Sat, 21 Jan 2023 00:48:26 GMT
cache-control: max-age=1209600
x-host: grn45.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 247931
x-served-by: cache-sjc10033-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 109, 185
x-timer: S1673300437.561203,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Montserrat/font.css?2
151.101.129.46 200 OK 276 B URL HTTP/2 cdn2.editmysite.com/fonts/Montserrat/font.css?2
IP 151.101.129.46:0
Hash 559eefb63fcae2a3f85471dd3903016a
5e4a9f5b529f2f6d2ee1de511231f856e673066c
09110f0d179c52677e2caf24d4bad70e5d717acb2eff2887ac36dbc1d9583fae
GET /fonts/Montserrat/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:50:31 GMT
etag: "639ccc07-354"
expires: Thu, 12 Jan 2023 18:07:57 GMT
cache-control: max-age=1209600
x-host: grn27.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 963159
x-served-by: cache-sjc10070-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 34, 1465
x-timer: S1673300437.563660,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 276
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/GFS_Didot/font.css?2
151.101.129.46 200 OK 244 B URL HTTP/2 cdn2.editmysite.com/fonts/GFS_Didot/font.css?2
IP 151.101.129.46:0
Hash 6859d2d8dbb2ed5a479a91f584d61282
a8d852890206e053e57f3bbb3f465e50ebf0bdec
0ae781198a9d16651e023ea7e97be9c6861517c23d87c44b89631ff3c2750dba
GET /fonts/GFS_Didot/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:50:31 GMT
etag: "639ccc07-1b0"
expires: Tue, 03 Jan 2023 11:07:14 GMT
cache-control: max-age=1209600
x-host: blu77.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 556396
x-served-by: cache-sjc10029-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 298, 1
x-timer: S1673300437.565793,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 244
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1673052315
151.101.129.46 200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1673052315
IP 151.101.129.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1673052315 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Sat, 07 Jan 2023 00:20:51 GMT
etag: "63b8bae3-74804"
expires: Sat, 21 Jan 2023 00:48:22 GMT
cache-control: max-age=1209600
x-host: blu39.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 247934
x-served-by: cache-sjc10048-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 1
x-timer: S1673300437.560358,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.21.226:0
Hash d36143daac286cee3080ef289c92a340
ed9aa760c7cbf471417372b1a30eab76815a9a6f
78db6553b70afa327216271cbb7c6904f828550adc06ca440efdccf75ece2c0c
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 21:40:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "83E09836ECF4C0346CEB8A1FF834E4AB0EF14D46"
Expires: Tue, 10 Jan 2023 08:00:00 GMT
Last-Modified: Mon, 09 Jan 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2884
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787055110cd6b505-OSL
www.cvrmasterhoa.com/
199.34.228.159 200 OK 38 kB IP 199.34.228.159:0
File type HTML document text, exported SGML document, ASCII text, with very long lines (3920), with CRLF, LF line terminators
Hash 9baa06ebf7e22626f95b7f04b1e77e9c
e9f5b40621bf7cbd419a51f9499d68976c115561
eade9465bb279cf8442fbbf5023b3f6bfd6af09a2a5ad7eb9fbd5f8d27750922
GET / HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 21:40:36 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.cvrmasterhoa.com
Set-Cookie: language=en; expires=Mon, 23-Jan-2023 21:40:36 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"f4b106e4a3c9faab829f0b4ffbd9171f-gzip"
Content-Encoding: gzip
X-Host: grn88.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 37742
Keep-Alive: timeout=10, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.cvrmasterhoa.com/files/theme/plugins.js?1673206137
199.34.228.159 200 OK 16 kB URL HTTP/1.1 www.cvrmasterhoa.com/files/theme/plugins.js?1673206137
IP 199.34.228.159:0
Hash 43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
GET /files/theme/plugins.js?1673206137 HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001ae94c4-006284793b-b9fbc20-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: grn14.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8bcae448ee52a20a8853992caaec099
33af7cd0111950f35b667c2ef7cee5ab496c3f23
12c566472829d91d90154127f7fef8e394fd2263c123a4ffec603d0877ce747e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12C566472829D91D90154127F7FEF8E394FD2263C123A4FFEC603D0877CE747E"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15989
Expires: Tue, 10 Jan 2023 02:07:06 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8bcae448ee52a20a8853992caaec099
33af7cd0111950f35b667c2ef7cee5ab496c3f23
12c566472829d91d90154127f7fef8e394fd2263c123a4ffec603d0877ce747e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12C566472829D91D90154127F7FEF8E394FD2263C123A4FFEC603D0877CE747E"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19616
Expires: Tue, 10 Jan 2023 03:07:33 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8bcae448ee52a20a8853992caaec099
33af7cd0111950f35b667c2ef7cee5ab496c3f23
12c566472829d91d90154127f7fef8e394fd2263c123a4ffec603d0877ce747e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12C566472829D91D90154127F7FEF8E394FD2263C123A4FFEC603D0877CE747E"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16031
Expires: Tue, 10 Jan 2023 02:07:48 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8bcae448ee52a20a8853992caaec099
33af7cd0111950f35b667c2ef7cee5ab496c3f23
12c566472829d91d90154127f7fef8e394fd2263c123a4ffec603d0877ce747e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12C566472829D91D90154127F7FEF8E394FD2263C123A4FFEC603D0877CE747E"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19657
Expires: Tue, 10 Jan 2023 03:08:14 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
circuitingratitude.com/10/a0/8e/10a08ee828b7ca6dbd788ee5bfa604e0.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 circuitingratitude.com/10/a0/8e/10a08ee828b7ca6dbd788ee5bfa604e0.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37137), with no line terminators
Hash bcf20ca9f780a4f5f8bd3550031ff85c
9d32abda6786e0d0c639c9f72541cde646ccbab9
6bc325c5a3708def6915b2c1f20b84da40316a8edfc44837490b3b81e15bfd64
Analyzer Verdict Alert quad9 Sinkholed
GET /10/a0/8e/10a08ee828b7ca6dbd788ee5bfa604e0.js HTTP/1.1
Host: circuitingratitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f53a5ecf369c86d51358e28fe3737322
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.cvrmasterhoa.com/files/main_style.css?1673206141
199.34.228.159 200 OK 6.6 kB URL HTTP/1.1 www.cvrmasterhoa.com/files/main_style.css?1673206141
IP 199.34.228.159:0
File type ASCII text, with very long lines (670)
Hash 6c2c37f340f4b96e7ad58c3d1d105f01
001d8057a0f987a977f5b61d00d0fd1848be2b4c
b9f071d3a6da7195a1ba3792f1e074900e5dea73ed04b115dfbc9fa899a59eb8
GET /files/main_style.css?1673206141 HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn62.sf2p.intern.weebly.net
Content-Encoding: gzip
circuitingratitude.com/10/a0/8e/10a08ee828b7ca6dbd788ee5bfa604e0.js?1673206137
192.243.61.225 200 OK 13 kB URL HTTP/1.1 circuitingratitude.com/10/a0/8e/10a08ee828b7ca6dbd788ee5bfa604e0.js?1673206137
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37107), with no line terminators
Hash 0e49425e2c77ecbc8a99ba02d2e6259b
c1b29a11497d5d9f746e5c0a086eb84ba614ebac
beab6fd9ceed71b8db1c0630c3f066ac182cacf3d87d6aacbb23b51e52e371e0
Analyzer Verdict Alert quad9 Sinkholed
GET /10/a0/8e/10a08ee828b7ca6dbd788ee5bfa604e0.js?1673206137 HTTP/1.1
Host: circuitingratitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c43123299e6190adc828893ac9311c1b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.cvrmasterhoa.com/files/theme/custom.js?1673206137
199.34.228.159 200 OK 1.8 kB URL HTTP/1.1 www.cvrmasterhoa.com/files/theme/custom.js?1673206137
IP 199.34.228.159:0
Hash 17da665a1a7e21ed9787d7251b707343
a69b47d92bb45f5305e4325ef2782a0132d51c73
4958b591154a835ddda0838cde60113f9d438d0eedd71712c85044f68c806c90
GET /files/theme/custom.js?1673206137 HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 17:39:40 GMT
x-rgw-object-type: Normal
ETag: W/"a8cdf2852674b9b682c1be61454a75a0"
x-amz-request-id: tx000000000000001b74753-0062847f68-b9fbc7f-sfo1
X-Storage-Bucket: z4e2f
X-Storage-Object: 4e2f6074e5a0daab0f207bd3b9fc89b10a5383c373bfc8c54fe5dabfd48f240e
X-Host: blu40.sf2p.intern.weebly.net
Content-Encoding: gzip
circuitingratitude.com/53/c8/d1/53c8d18ca14399fa01b893dc9ee5e6a3.js?1673206137
192.243.61.225 200 OK 21 kB URL HTTP/1.1 circuitingratitude.com/53/c8/d1/53c8d18ca14399fa01b893dc9ee5e6a3.js?1673206137
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60148), with no line terminators
Hash e7f944237dc6a2cff69ef9e7808f2d2f
cad09cb673a10f6c6b6e14b6fd61a04bb9082087
312b71b611ab0ff835f0ff0cb44bdf0eaec7313a1774fdba806e1008953c9797
Analyzer Verdict Alert quad9 Sinkholed
GET /53/c8/d1/53c8d18ca14399fa01b893dc9ee5e6a3.js?1673206137 HTTP/1.1
Host: circuitingratitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a340ac4d2407657b73dea7c86cc1521d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
circuitingratitude.com/53/c8/d1/53c8d18ca14399fa01b893dc9ee5e6a3.js
192.243.61.225 200 OK 21 kB URL HTTP/1.1 circuitingratitude.com/53/c8/d1/53c8d18ca14399fa01b893dc9ee5e6a3.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60151), with no line terminators
Hash 8aaacc84febfbd41e66d3b9bae2b0210
2c56138ed8c09a0d0109bb189c62293ee5e42650
f008a1a362cf879415b9bc0ddd02ea9b4955d30affe04c6a251d48e2886b2493
Analyzer Verdict Alert quad9 Sinkholed
GET /53/c8/d1/53c8d18ca14399fa01b893dc9ee5e6a3.js HTTP/1.1
Host: circuitingratitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 860350be82456917fce7f6c19fe61bab
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/130815-cvr-logos-final-outlined.jpg
199.34.228.159 200 OK 6.4 kB URL HTTP/1.1 www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/130815-cvr-logos-final-outlined.jpg
IP 199.34.228.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 262x100, components 3\012- data
Hash 9bd252b39e3d7dea8e147c2c7ace143c
92d29e20545bb48989d50fa4139c0fa9a9c2d681
0cde61db391533b839e4e2a0206f110e93d99773982e76830f7154613f25505e
GET /uploads/8/1/0/8/8108489/130815-cvr-logos-final-outlined.jpg HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: image/jpeg
Content-Length: 6357
Connection: keep-alive
Last-Modified: Sun, 08 Dec 2019 20:10:44 GMT
x-rgw-object-type: Normal
ETag: "9bd252b39e3d7dea8e147c2c7ace143c"
x-amz-request-id: tx000000000000002511c17-006285036a-b9fbc63-sfo1
X-Storage-Bucket: z0cde
X-Storage-Object: 0cde61db391533b839e4e2a0206f110e93d99773982e76830f7154613f25505e
X-Host: blu81.sf2p.intern.weebly.net
Accept-Ranges: bytes
use.typekit.net/nxe1ajf.js
23.36.76.186 200 OK 6.7 kB URL HTTP/2 use.typekit.net/nxe1ajf.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 9189ca8b387979d5f2feeae6aad5ee64
938a8a1410b1927887df90e08aca8f587fb82fec
0429adbc18a19bede29b164f41a4ab37e2193bb45ec37471cc361c3292536f28
GET /nxe1ajf.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6739
date: Mon, 09 Jan 2023 21:40:37 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67e0824571d9d5a3db31230b3ba65ce6
79dd2df8f565f2e860f4fbaf3e2c18cc07c6f9c9
f3fa26b0f2c07ad015650d7fee85b6f01bcbe18194e90cd54a21d3b134ab9074
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F3FA26B0F2C07AD015650D7FEE85B6F01BCBE18194E90CD54A21D3B134AB9074"
Last-Modified: Sun, 08 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6970
Expires: Mon, 09 Jan 2023 23:36:47 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8b33ebf66adf8ea748d256ed5248639a
54f661bd5cdfe8ec55371d0d7d63437abc1d54b7
d7b4bf07bc0c94009920239a1136dfdafa898ac2efab9d4131e68682f826e76b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?_=1673300424240
142.250.74.132 200 OK 552 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1673300424240
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 760f8751978f13903fbb5b593bea05c7
3c463f9d47be6cafa5acd0c828a42054054debd3
ba7b03872b122ab1d52e67ee1d6ad77d7749c5504b0c733bd90392d16c509410
GET /recaptcha/api.js?_=1673300424240 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 09 Jan 2023 21:40:37 GMT
date: Mon, 09 Jan 2023 21:40:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 552
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 99ea50d358cc1b0a9f7a0e0ae9f7e1d0
45c2df0e3fc3a9aa68e23c7d4a1c50cb831d1033
9be526f1892f4c7eb9e985318967164cf9284e21d5cf3f94296474b51bc65a00
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 21:40:37 GMT
Last-Modified: Mon, 09 Jan 2023 20:12:14 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: __dihzFdsHsNbRAvCTN7cGFueuc3H5yG2ufC_NrM2hBHISh8LaUyPg==
Age: 5303
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 99ea50d358cc1b0a9f7a0e0ae9f7e1d0
45c2df0e3fc3a9aa68e23c7d4a1c50cb831d1033
9be526f1892f4c7eb9e985318967164cf9284e21d5cf3f94296474b51bc65a00
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149358
Date: Mon, 09 Jan 2023 21:40:37 GMT
Etag: "63bc1716-1d7"
Expires: Wed, 11 Jan 2023 15:09:55 GMT
Last-Modified: Mon, 09 Jan 2023 13:31:02 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HwmtKpfZkIP-EdciAzXTBhKyCdasGj6m-uMCaaiA9t4eEgxtZE9F_Q==
Age: 5933
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fd5f9e37831ff9f951522dd1a7cb8b67
f239b353ba67a17913415db82fe18b7c17e4bfdf
ae1b0649e956255cc999cc88561a7bd3bf65445bb22df8b2843ee2728c3287af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE1B0649E956255CC999CC88561A7BD3BF65445BB22DF8B2843EE2728C3287AF"
Last-Modified: Sun, 08 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17028
Expires: Tue, 10 Jan 2023 02:24:25 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 99ea50d358cc1b0a9f7a0e0ae9f7e1d0
45c2df0e3fc3a9aa68e23c7d4a1c50cb831d1033
9be526f1892f4c7eb9e985318967164cf9284e21d5cf3f94296474b51bc65a00
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 21:40:37 GMT
Last-Modified: Mon, 09 Jan 2023 19:52:54 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QnVQsWYWSvjlBnQLqxDIJ0EXExhmjGhd-l3VrXn2UKxNFo4_p4Ir8w==
Age: 6463
use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186 200 OK 27 kB URL HTTP/2 use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26888, version 1.0\012- data
Hash 6c288957e1ea69636d76b434a53c65ef
b8e0e2074136f3b167567d532312cc0f838bdf5f
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc
GET /af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26888
etag: "49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 09 Jan 2023 21:40:37 GMT
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.184.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash d3dfa46921f7d6ba8357f012e3a531f6
c3093ab44ee63569bf6f670b269684e6c377dd40
0450261b5c4ad50aab43daf91c08b424b976f2680d1b3dd9271b389e8ca55d70
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
set-cookie: uid_id2=aa3bf0c5-2499-424b-95cd-3cffdd5af2bc:1:1; expires=Thu, 06 Jan 2033 21:40:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
use.typekit.net/af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
23.36.76.186 200 OK 27 kB URL HTTP/2 use.typekit.net/af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26568, version 1.0\012- data
Hash 69d7f21af427ec644440343c1bcd0606
186c5445f00e61e82a73ce3207965ce28c410f72
2a1074cd5044c672760ad745fdbbd125381d63a86f5380b57a1dd28ad0da0d75
GET /af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26568
etag: "c11943bfe7851ce643a829e2f815ebf55030b555"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 09 Jan 2023 21:40:37 GMT
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.184.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash 740b139527d98170a291fd0ba0191017
cf366942336a5e145a17cbbf237e4b349bbb0093
a484d41728ddcf94361e68963dfe3ec9659512c1b5806a31f35b308c15beab7e
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
set-cookie: uid_id2=00a47359-2206-46ba-a632-d5928178d1d5:3:1; expires=Thu, 06 Jan 2033 21:40:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 99ea50d358cc1b0a9f7a0e0ae9f7e1d0
45c2df0e3fc3a9aa68e23c7d4a1c50cb831d1033
9be526f1892f4c7eb9e985318967164cf9284e21d5cf3f94296474b51bc65a00
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149909
Date: Mon, 09 Jan 2023 21:40:37 GMT
Etag: "63bc1716-1d7"
Expires: Wed, 11 Jan 2023 15:19:06 GMT
Last-Modified: Mon, 09 Jan 2023 13:31:02 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7DOhjx3brf0U3CZVAImqH-mVp3QXAUZ0QsHNZ4-SMmVzB5aGzlLZJg==
Age: 6484
use.typekit.net/af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3
23.36.76.186 200 OK 28 kB URL HTTP/2 use.typekit.net/af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27788, version 1.0\012- data
Hash ccc7b72fb1a80abb8cbafa94de34a554
0c68982548e2af3c6d6e8c49128be51e3f5dd0d1
3d25e0efebb8648cd1fcb31872cf5200c2e577259ad589b6e802bb1d95d03efe
GET /af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27788
etag: "d76106a15ff619ce03b2c3ca28b4559b159b1b63"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 09 Jan 2023 21:40:37 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
23.36.76.186 200 OK 29 kB URL HTTP/2 use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 29052, version 1.0\012- data
Hash 3437e060c8710bccafd202e3da9a25dc
8e1bbee3d09332165b23156a05b43641f8d9f913
0656089e2e797a739897875d68a79ca62256a3c76ab3f4c31cb2f363cd778fee
GET /af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29052
etag: "a6e56bc1473094b110819c4cfa4169b4a97bd255"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 09 Jan 2023 21:40:37 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.184.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash cbe0b64be05cf141d0b0d2f5d747e8ec
e59e3f447af39f4eeaa54f076a0568175535f4e1
18c4cfeeb297507f3f69782a06cfc37c13c4da060511c05e78a00e2787b87960
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
set-cookie: uid_id2=8967cefd-fc16-472d-a352-a568f85df0ab:1:1; expires=Thu, 06 Jan 2033 21:40:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.184.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash f1d95add4d8d5771b5317048f0ec4a68
7b458738cf173c30cfc948ddb9025d25302abb3d
f8cc10187fda2b4e6b2166327302987708e0258c6fd260856c67c6c9b3af534e
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
set-cookie: uid_id2=9ddaf83e-5424-4f21-a59b-3d3968dd053d:1:1; expires=Thu, 06 Jan 2033 21:40:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67e0824571d9d5a3db31230b3ba65ce6
79dd2df8f565f2e860f4fbaf3e2c18cc07c6f9c9
f3fa26b0f2c07ad015650d7fee85b6f01bcbe18194e90cd54a21d3b134ab9074
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F3FA26B0F2C07AD015650D7FEE85B6F01BCBE18194E90CD54A21D3B134AB9074"
Last-Modified: Sun, 08 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6970
Expires: Mon, 09 Jan 2023 23:36:47 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/z1wypdwvs-ogjysngwwksg.jpg
199.34.228.159 200 OK 71 kB URL HTTP/1.1 www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/z1wypdwvs-ogjysngwwksg.jpg
IP 199.34.228.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Hash 774a51c6ad38e3b36ace0203c9dd1dd0
6982cbdd8d34b46cea22532079ccdd3068a7cc00
b5c4172025d378c859a9d54851f4eb65bf470f8d77ea5f7948403cf58fcc809e
GET /uploads/8/1/0/8/8108489/z1wypdwvs-ogjysngwwksg.jpg HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: image/jpeg
Content-Length: 70571
Connection: keep-alive
Last-Modified: Thu, 06 May 2021 18:26:20 GMT
x-rgw-object-type: Normal
ETag: "774a51c6ad38e3b36ace0203c9dd1dd0"
x-amz-request-id: tx0000000000000031389e4-0062858fb9-b9fbc7f-sfo1
X-Storage-Bucket: zb5c4
X-Storage-Object: b5c4172025d378c859a9d54851f4eb65bf470f8d77ea5f7948403cf58fcc809e
X-Host: blu149.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/oajqu32qfgjzfyfs-v4nq.jpg
199.34.228.159 200 OK 124 kB URL HTTP/1.1 www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/oajqu32qfgjzfyfs-v4nq.jpg
IP 199.34.228.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Size 124 kB (124245 bytes)
Hash 784e9eb3c0418018ed29490c26d2e023
be130dd6b4fb13ae407ccdfcc59b0603ac2e3850
0e01ed207c70215bffee330793269730dc4e3a4d9881e3b08bcf1b1df1627334
GET /uploads/8/1/0/8/8108489/oajqu32qfgjzfyfs-v4nq.jpg HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: image/jpeg
Content-Length: 124245
Connection: keep-alive
Last-Modified: Sun, 05 Jul 2020 01:39:40 GMT
x-rgw-object-type: Normal
ETag: "784e9eb3c0418018ed29490c26d2e023"
x-amz-request-id: tx00000000000005093e092-0063a9d743-c699baa-sfo1
X-Storage-Bucket: z0e01
X-Storage-Object: 0e01ed207c70215bffee330793269730dc4e3a4d9881e3b08bcf1b1df1627334
X-Host: blu84.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 39adb911b5ba3f7681889d146dc85a13
5f798b9fcafb545f3b7b2ccdebf7cd1d80e4dbc1
041824c6cc01281539012fd341251797bce15c39bdcff83403affab85cca8200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "041824C6CC01281539012FD341251797BCE15C39BDCFF83403AFFAB85CCA8200"
Last-Modified: Sat, 07 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11239
Expires: Tue, 10 Jan 2023 00:47:56 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10105
Expires: Tue, 10 Jan 2023 00:29:02 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10105
Expires: Tue, 10 Jan 2023 00:29:02 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10105
Expires: Tue, 10 Jan 2023 00:29:02 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10105
Expires: Tue, 10 Jan 2023 00:29:02 GMT
Date: Mon, 09 Jan 2023 21:40:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BH9GqW4F8x5-alQC2mwF8cXT20caU3Tn8jI1e3tuhDMYtKnrH3BBpQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:30:17 GMT
age: 65420
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=nxe1ajf&ht=tk&h=www.cvrmasterhoa.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1673300424422
23.36.76.186 200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=nxe1ajf&ht=tk&h=www.cvrmasterhoa.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1673300424422
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=nxe1ajf&ht=tk&h=www.cvrmasterhoa.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1673300424422 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Mon, 09 Jan 2023 21:40:37 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 405085aa-d0f5-4786-8fd7-46d74a6e8d1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecaIxGdkIAMFaBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3d6b-07f34cbf7e1df2fa7a4d8982;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:02:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mRyiYL1hTv7MvjLg92gwPBszcW1mqdKadIcQVG_rsQ6b15uyGkyZbQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 09:56:36 GMT
age: 42241
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0473691ea0d4426c66441d3e049b139
2ba1b24cc0f903a534458642236adc8495d87519
5475d4935fea484eabbac57be8e5604952f59374e1ccf26392c3283d39b96a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 173c95c5-690c-4381-9cf1-cb31e4456f14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd8LF0YoAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676b4-0b9191ab25e33cb436995203;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IrmxCeYWe4PYICmQKYgocQcPK3iE2QXWP3SJ4RZ5vGKXY46plVTF6w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 14:53:28 GMT
age: 24429
etag: "2ba1b24cc0f903a534458642236adc8495d87519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210f951bd43cd838048f3568adb84c8c
db87b6eeaad681f1232c104dd4d0a902a921ed6d
b0d21c80c6c53ba04c8b216f6428a0e8b8eff4ca16f44c31782857d4a2749c39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9407
x-amzn-requestid: 08f125d6-46ed-4a83-98bc-94f688def00c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6aMG3loAMFU5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63dda-06f1fa975f43a24564b86524;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGCcqqJcMEq8Q_Ahhr8WO1OsuLLCGJez-l5GRzZuPE3H2ljsztTrIw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:39:19 GMT
age: 57678
etag: "db87b6eeaad681f1232c104dd4d0a902a921ed6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b75a93b9f0106516f046eb424b0c8d9
c9509f976390441bbd3bd7521cb1848f4f481fd0
0b69fd368ef68510387a871acfffe82afc4414163c661f76e574dffdcc94104a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12971
x-amzn-requestid: ed6346eb-d3ae-4343-8eab-b4321aad3135
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXEBqG97IAMF3Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b91a0a-4eb212756fcc0d3175dd0225;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: piVacwljJRw0mj4FKxVcPcOyoIpQURO35i2_t8-y5hthIyoQshGB-Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:34:35 GMT
age: 57962
etag: "c9509f976390441bbd3bd7521cb1848f4f481fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0189748e9478c37ab22a71c0826ca99
08186f7c9717eb7165ee8b9b803760da967b82e7
40a9b3a38f6799c2005bc7cc2716104b175a2178efc8029188b9aff19e598483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab696bdd-92ae-4c01-855b-6bbe0e8165ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8866
x-amzn-requestid: b4a6c607-98b7-4689-96c3-646756db23df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZblsHkmIAMFzKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba0c8a-02beb65706f8d3d44a812788;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 00:21:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SvWUcXyAY8ibl7_52JUaFjTAaTj80eZPR0Cx7rcLG27R58WoH36IIg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 09:02:48 GMT
age: 45469
etag: "08186f7c9717eb7165ee8b9b803760da967b82e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blacknesskeepplan.com/pixel/purst?dl=0&th=0&sc=0&rs=2079&rd=2079&fd=570&bv=22.10.v.9&tmpl=70
173.233.139.164 200 OK 0 B URL HTTP/1.1 blacknesskeepplan.com/pixel/purst?dl=0&th=0&sc=0&rs=2079&rd=2079&fd=570&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2079&rd=2079&fd=570&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/img-0829_orig.jpg
199.34.228.159 200 OK 151 kB URL HTTP/1.1 www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/img-0829_orig.jpg
IP 199.34.228.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1067x800, components 3\012- data
Size 151 kB (151323 bytes)
Hash 5ba809e7c7278a76a0f194f3256a107b
a7499afdea9736e68b8a617e892eb62b98ba97b5
147ff9df1725e1f3e59b2346db0ea212fb737bdd900ec7d8ac724d18a2ecc793
GET /uploads/8/1/0/8/8108489/img-0829_orig.jpg HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: image/jpeg
Content-Length: 151323
Connection: keep-alive
Last-Modified: Sat, 06 Aug 2022 19:07:22 GMT
x-rgw-object-type: Normal
ETag: "5ba809e7c7278a76a0f194f3256a107b"
x-amz-request-id: tx00000000000001d33b73c-0062eeff50-bfe36ba-sfo1
X-Storage-Bucket: z147f
X-Storage-Object: 147ff9df1725e1f3e59b2346db0ea212fb737bdd900ec7d8ac724d18a2ecc793
X-Host: blu81.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/img-20190119-110813394.jpg
199.34.228.159 200 OK 100 kB URL HTTP/1.1 www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/img-20190119-110813394.jpg
IP 199.34.228.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Size 100 kB (100069 bytes)
Hash 813599febde0a8e07214eb3878679bfd
00e328e3e8319f184f97d307f2e7289e0834d62e
1cdb330be3bb6499b9e8c0a25fe53a488abb8b17d164d791a6305eede1ab813d
GET /uploads/8/1/0/8/8108489/img-20190119-110813394.jpg HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: image/jpeg
Content-Length: 100069
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 19:52:16 GMT
x-rgw-object-type: Normal
ETag: "813599febde0a8e07214eb3878679bfd"
x-amz-request-id: tx00000000000000283a0da-00628521b2-b9fbc64-sfo1
X-Storage-Bucket: z1cdb
X-Storage-Object: 1cdb330be3bb6499b9e8c0a25fe53a488abb8b17d164d791a6305eede1ab813d
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/wbo370ptr5gzyvy4ntjf6w.jpg
199.34.228.159 200 OK 100 kB URL HTTP/1.1 www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/wbo370ptr5gzyvy4ntjf6w.jpg
IP 199.34.228.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Size 100 kB (100531 bytes)
Hash 13d50bf53e5ac0b72d51e72af62d2cb8
14e478000fd52b0cd0323e35b3ff76fc89bf9885
a50b6abdaeac69b9698e17d7f7fa9c2181cac509014fb55c4048e6ccd6f56fa8
GET /uploads/8/1/0/8/8108489/wbo370ptr5gzyvy4ntjf6w.jpg HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: image/jpeg
Content-Length: 100531
Connection: keep-alive
Last-Modified: Fri, 04 Jun 2021 20:26:25 GMT
x-rgw-object-type: Normal
ETag: "13d50bf53e5ac0b72d51e72af62d2cb8"
x-amz-request-id: tx00000000000003b79898f-006383d517-c696eea-sfo1
X-Storage-Bucket: za50b
X-Storage-Object: a50b6abdaeac69b9698e17d7f7fa9c2181cac509014fb55c4048e6ccd6f56fa8
X-Host: blu146.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.cvrmasterhoa.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.159 200 OK 348 B URL HTTP/1.1 www.cvrmasterhoa.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.159:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en; _snow_ses.5834=*; _snow_id.5834=6ff76367-d3e6-463a-ba83-0a3a6c99b2a7.1673300424.1.1673300424.1673300424.54f88f02-b53d-4942-bf3f-be2d9a150beb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 21:40:37 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu92.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json
fixespreoccupation.com/pixel/purst?dl=0&th=0&sc=0&rs=2079&rd=2079&fd=570&bv=22.10.v.9&tmpl=70
192.243.59.13 200 OK 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/purst?dl=0&th=0&sc=0&rs=2079&rd=2079&fd=570&bv=22.10.v.9&tmpl=70
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2079&rd=2079&fd=570&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d4b9670dd1a3f45252446fa289602fad
1263c9c2c6bdd4d69a0d32d06dc3d9935ef68b65
44b53b091a02b8e308a0ae273e41ce2355b7a7dbe85edffcc5ad157440080160
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44B53B091A02B8E308A0AE273E41CE2355B7A7DBE85EDFFCC5AD157440080160"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Tue, 10 Jan 2023 01:29:58 GMT
Date: Mon, 09 Jan 2023 21:40:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d4b9670dd1a3f45252446fa289602fad
1263c9c2c6bdd4d69a0d32d06dc3d9935ef68b65
44b53b091a02b8e308a0ae273e41ce2355b7a7dbe85edffcc5ad157440080160
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44B53B091A02B8E308A0AE273E41CE2355B7A7DBE85EDFFCC5AD157440080160"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21123
Expires: Tue, 10 Jan 2023 03:32:41 GMT
Date: Mon, 09 Jan 2023 21:40:38 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 5030545ec5bd400e97e67d13bcea874d
11c259e8b30f01d41578e90cc12d013c899c72ea
52e866c8b6a52c9f4a49c346c5998be7d928caf32327b5b49aaf167ed803081e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164861
Date: Mon, 09 Jan 2023 21:40:38 GMT
Etag: "63bc5223-1d7"
Expires: Wed, 11 Jan 2023 19:28:19 GMT
Last-Modified: Mon, 09 Jan 2023 17:42:59 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 35xxPvKJODN4brp_FdVigCULT5EKLpZCc2dZ8TAI3JV6ENyjvlwXAA==
Age: 6321
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 85642ac6be9ac182e252a89bd646d291
00a0beb956cd341ff8fd242dd582210c7da73b5d
fe6554dad6e6b99f748330e3fc8e3c4b5f035b70246ba2cf0c7bdd0ac8cfeda9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE6554DAD6E6B99F748330E3FC8E3C4B5F035B70246BA2CF0C7BDD0AC8CFEDA9"
Last-Modified: Sun, 08 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13590
Expires: Tue, 10 Jan 2023 01:27:08 GMT
Date: Mon, 09 Jan 2023 21:40:38 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 5030545ec5bd400e97e67d13bcea874d
11c259e8b30f01d41578e90cc12d013c899c72ea
52e866c8b6a52c9f4a49c346c5998be7d928caf32327b5b49aaf167ed803081e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 09 Jan 2023 21:40:38 GMT
Last-Modified: Mon, 09 Jan 2023 20:17:13 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j4dxiDxj_25YEfu0YI5jqbFL4qhki6YdXPUZ6rLAXYwlWK7O8oXQIA==
Age: 5006
banquetunarmedgrater.com/advertisers.js
173.233.137.60 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:38 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15aa23b67a7806b4b7321f13d691e986
Strict-Transport-Security: max-age=0; includeSubdomains
www.cvrmasterhoa.com/files/theme/fonts/Unite_700.otf?1673206141
199.34.228.159 200 OK 90 kB URL HTTP/1.1 www.cvrmasterhoa.com/files/theme/fonts/Unite_700.otf?1673206141
IP 199.34.228.159:0
File type OpenType font data
Hash fa11c3ca7b2301d6b8da51b04985fb05
a9b9dae4568883ef65d130a8237343185d463f2a
36906b2b3f6a199b3c59e6d862bfb36ed52d5c8de14ce46da8a8c5890250eb17
GET /files/theme/fonts/Unite_700.otf?1673206141 HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/files/main_style.css?1673206141
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: font/otf
Content-Length: 89928
Connection: keep-alive
Last-Modified: Fri, 08 May 2020 19:36:11 GMT
ETag: "fa11c3ca7b2301d6b8da51b04985fb05"
x-amz-request-id: tx000000000000000139f05-0061628516-1ff7556-las
X-Storage-Bucket: z3690
X-Storage-Object: 36906b2b3f6a199b3c59e6d862bfb36ed52d5c8de14ce46da8a8c5890250eb17
X-Host: blu49.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.cvrmasterhoa.com/files/theme/fonts/Unite_500.otf?1673206141
199.34.228.159 200 OK 86 kB URL HTTP/1.1 www.cvrmasterhoa.com/files/theme/fonts/Unite_500.otf?1673206141
IP 199.34.228.159:0
File type OpenType font data
Hash 1f55925e52b9e71fd57108874184060d
e8acc9022336f58bb5ee2e2d4d98b51bebf45990
f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc
GET /files/theme/fonts/Unite_500.otf?1673206141 HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/files/main_style.css?1673206141
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: font/otf
Content-Length: 86528
Connection: keep-alive
Last-Modified: Fri, 08 May 2020 19:36:11 GMT
x-rgw-object-type: Normal
ETag: "1f55925e52b9e71fd57108874184060d"
x-amz-request-id: tx000000000000001c47751-006284882d-b9fbc63-sfo1
X-Storage-Bucket: zf02b
X-Storage-Object: f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes
banquetunarmedgrater.com/advertisers.js
173.233.137.60 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:38 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 381eac1fe4e118246c906f8f2232d26a
Strict-Transport-Security: max-age=0; includeSubdomains
fixespreoccupation.com/sbar.json?key=10a08ee828b7ca6dbd788ee5bfa604e0
192.243.59.13 200 OK 4.4 kB URL HTTP/1.1 fixespreoccupation.com/sbar.json?key=10a08ee828b7ca6dbd788ee5bfa604e0
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data, Unicode text, UTF-8 text, with very long lines (6121), with no line terminators
Hash a817fc7575c08325c57a931cc91eb549
1eed4408c10ab21775cb3eb7df68e68faaa376c1
582e5d1536403bf13aba48d53f2ce8f7cf0881ff0bcd3cdc879f0e81690d4781
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=10a08ee828b7ca6dbd788ee5bfa604e0 HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.cvrmasterhoa.com
Access-Control-Allow-Origin: https://www.cvrmasterhoa.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18141275; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
uncs=1; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
slec10a08ee828b7ca6dbd788ee5bfa604e0=[3905508]; expires=Mon, 09 Jan 2023 21:40:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71043efe8a94860814b6049ddf08c754
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.241.20.95 200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.241.20.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cvrmasterhoa.com/
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:38 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
moodokay.com/sbar.json?key=10a08ee828b7ca6dbd788ee5bfa604e0
173.233.139.164 200 OK 4.4 kB URL HTTP/1.1 moodokay.com/sbar.json?key=10a08ee828b7ca6dbd788ee5bfa604e0
IP 173.233.139.164:0
File type JSON data, Unicode text, UTF-8 text, with very long lines (6121), with no line terminators
Hash a817fc7575c08325c57a931cc91eb549
1eed4408c10ab21775cb3eb7df68e68faaa376c1
582e5d1536403bf13aba48d53f2ce8f7cf0881ff0bcd3cdc879f0e81690d4781
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sbar.json?key=10a08ee828b7ca6dbd788ee5bfa604e0 HTTP/1.1
Host: moodokay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.cvrmasterhoa.com
Access-Control-Allow-Origin: https://www.cvrmasterhoa.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18141275; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
uncs=1; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 10 Jan 2023 21:40:38 GMT; secure; SameSite=None
slec10a08ee828b7ca6dbd788ee5bfa604e0=[3905508]; expires=Mon, 09 Jan 2023 21:40:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97e56b3f33224e976aea4a3a8135fb6c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.241.20.95 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.241.20.95:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1789
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=45031599-a678-498e-9648-9af31d438928; Expires=Tue, 09 Jan 2024 21:40:38 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/background-images/659437232.jpg
199.34.228.159 200 OK 172 kB URL HTTP/1.1 www.cvrmasterhoa.com/uploads/8/1/0/8/8108489/background-images/659437232.jpg
IP 199.34.228.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x640, components 3
Size 172 kB (171649 bytes)
Hash cbcb68a019bf3dd7b284714cc66dd8f4
88d9fd17108c24af1de68b1a0dc3582626e28126
170948fd5be337645ee0d87ca76106b2126f3dc4dd417b634a54478ffa50097b
GET /uploads/8/1/0/8/8108489/background-images/659437232.jpg HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:37 GMT
Content-Type: image/jpeg
Content-Length: 171649
Connection: keep-alive
Last-Modified: Sun, 24 Apr 2022 11:35:46 GMT
x-rgw-object-type: Normal
ETag: "cbcb68a019bf3dd7b284714cc66dd8f4"
x-amz-request-id: tx000000000000002e3c044-0062856522-b9fbc7f-sfo1
X-Storage-Bucket: z1709
X-Storage-Object: 170948fd5be337645ee0d87ca76106b2126f3dc4dd417b634a54478ffa50097b
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes
fixespreoccupation.com/pixel/pure
192.243.59.13 204 No Content 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/pure
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cvrmasterhoa.com/
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:38 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
fixespreoccupation.com/pixel/pure
192.243.59.13 204 No Content 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/pure
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cvrmasterhoa.com/
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:38 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
fixespreoccupation.com/pixel/pure
192.243.59.13 200 OK 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/pure
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fixespreoccupation.com/pixel/pure
192.243.59.13 200 OK 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/pure
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2c4b7b4dc5383dd277a7c79aae915be1
308dc2d2ad250a4e05fdbbe7520558f77959490a
ddf86e1a0a2912dc58e41cf439e09b522aeffec51399311c7483ff493b79a2cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.168 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.168:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 09 Jan 2023 20:17:49 GMT
expires: Mon, 09 Jan 2023 22:17:49 GMT
cache-control: public, max-age=7200
age: 4970
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
142.250.74.35 200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (658)
Size 165 kB (164706 bytes)
Hash 0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 05:56:49 GMT
expires: Mon, 08 Jan 2024 05:56:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 143030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2c4b7b4dc5383dd277a7c79aae915be1
308dc2d2ad250a4e05fdbbe7520558f77959490a
ddf86e1a0a2912dc58e41cf439e09b522aeffec51399311c7483ff493b79a2cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.184.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash f1d95add4d8d5771b5317048f0ec4a68
7b458738cf173c30cfc948ddb9025d25302abb3d
f8cc10187fda2b4e6b2166327302987708e0258c6fd260856c67c6c9b3af534e
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: uid_id2=9ddaf83e-5424-4f21-a59b-3d3968dd053d:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.184.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash f1d95add4d8d5771b5317048f0ec4a68
7b458738cf173c30cfc948ddb9025d25302abb3d
f8cc10187fda2b4e6b2166327302987708e0258c6fd260856c67c6c9b3af534e
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: uid_id2=9ddaf83e-5424-4f21-a59b-3d3968dd053d:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cvrmasterhoa.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.cvrmasterhoa.com/favicon.ico
199.34.228.159 200 OK 17 kB URL HTTP/1.1 www.cvrmasterhoa.com/favicon.ico
IP 199.34.228.159:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Hash 41fa504dcf6d47f8cc14cb73d1c0eb21
f0df21c006942a41d9504bbb535b8ddf0f35c8b7
3935c813bb1aa3af5a188bff2a701bebebf0837df887a74181ec739818c4fabb
GET /favicon.ico HTTP/1.1
Host: www.cvrmasterhoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: is_mobile=0; language=en; _snow_ses.5834=*; _snow_id.5834=6ff76367-d3e6-463a-ba83-0a3a6c99b2a7.1673300424.1.1673300424.1673300424.54f88f02-b53d-4942-bf3f-be2d9a150beb; ppu_main_53c8d18ca14399fa01b893dc9ee5e6a3=1; sb_main_10a08ee828b7ca6dbd788ee5bfa604e0=1; sb_count_10a08ee828b7ca6dbd788ee5bfa604e0=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 21:40:39 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 16958
Connection: keep-alive
Last-Modified: Sun, 08 Dec 2019 20:10:11 GMT
x-rgw-object-type: Normal
ETag: "41fa504dcf6d47f8cc14cb73d1c0eb21"
x-amz-request-id: tx0000000000000025eef4c-0062851215-b9fbc77-sfo1
X-Storage-Bucket: z3935
X-Storage-Object: 3935c813bb1aa3af5a188bff2a701bebebf0837df887a74181ec739818c4fabb
X-Host: blu135.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ddd98b6ab63dbf5040902c410304d63
3dbf940bcbb4eb809385643887bb4c0f40129e66
c94a391bda006ab6ebae97402e28134afbb64c7134199eee639865f4439e46f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C94A391BDA006AB6EBAE97402E28134AFBB64C7134199EEE639865F4439E46F7"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16116
Expires: Tue, 10 Jan 2023 02:09:15 GMT
Date: Mon, 09 Jan 2023 21:40:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ddd98b6ab63dbf5040902c410304d63
3dbf940bcbb4eb809385643887bb4c0f40129e66
c94a391bda006ab6ebae97402e28134afbb64c7134199eee639865f4439e46f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C94A391BDA006AB6EBAE97402E28134AFBB64C7134199EEE639865F4439E46F7"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16116
Expires: Tue, 10 Jan 2023 02:09:15 GMT
Date: Mon, 09 Jan 2023 21:40:39 GMT
Connection: keep-alive
moodokay.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lYzgx8oQUBGhlhGk86o%2FprvNIhhjQjBOJh86C1fvq3qe87pe8V5VV0%2BvBgMSdx1c6LLm9EyGaAjOPqL0uJHZOC1ERnQg6A8QBNfSPQ2DF6ruve%2FcxTnn3s828yNCkbPD5Q%2FsQBvDzjcqNDy3ohNpCx8u3QkjWqEXwhWdLNYvhP3pz%2FXejmijQt8MryqxZs9XaURpRKPwinYqtv3zMxQ6fdSOKm1aqVcrUaOOvvt%2F7%2FMAngWQvSNyBlpOnlv9aRdajJF0v72s%2FFpm07fe6%2BaGZdahJ3c%2BTNYSWyTonpSxCxAnO%2FNpWD8h5KtTsMnOXAFsb2uqAFxPSPBrBJ7szGmC97aPmXIDlYDLl1D0xlBmDM3GEPYutDwggJBYuoGk%2B2DJuoKtH6Nsik7Iwr%2F%2FQBcTsvDHWSTdx5eM7oe3rckzbROPflxC98fQnTHSfA%2FZIIAu9iCyT6ElQdItoWU5U631GDoew6ghmA%2BQTz8dII8D5GmArjwMWaMdU9qMeVyrtepCiFpNiEZrUTZkrd6KKXIxpTVElg4hzBDCbSB1G1jT9w8aZ%2BDyH%2BBXS3gZwGcTEtzcQE%2BWKBRB4QkKRlBogiIjKHrltjS%2B6ssH0vicR%2FNcnedaObJZZ5Nt26yjErKZHpGXp5YEZ3%2F%2BGGvqMIwooy2lWtUWbwq2KLlstlpKNXjMFmldUXhdQvtTM7UDPSHhn%2BeQ6gl54aYHZ3vwZg9CnwbL3wArRs0qBVsd1VsUg2Q3ddYzbUSeZcpVhO1C2hJptoBsPdg0R%2BS12X4ufPkXlNi%2F%2BNuzq4%2FPDp5BuBKpK%2FGJ%2FpGgY%2B6NbtmCbN2yhSe7N9JMd%2FWATXd3O2OZWvj6fbVeWCevXfbDh%2B%2BIKTAtH91RPrvOEqmTjiffXNJSKnfFOqHId9f8iuLLuV%2B9lLskT68vv3vlWjd1ynttkzGYPnAPIfSEvPj767OrDJ9%2FBdqN4fIS3XyfzAPa7kGkG%2FDp%2FsWnHy28%2BkX2BN4SOHMyw9MARV6OXJWfPBpNYNRJz3gJr04s4Gr%2F%2B7%2BPsU1%2FDx0XgGV3Z7fYcyV6pgQzQ%2Fj89ChL3f7FX2qzADfBiBsXbHHjzP1ja70%2BDFUjprGiVcXjNo%2BbjMp2XG9z1o5UkzdYhMxPxJPPn%2F4HAAD%2F%2FwEAAP%2F%2FrOHYO20EAAA%3D
173.233.139.164 200 OK 7 B HTTP/1.1
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lYzgx8oQUBGhlhGk86o%2FprvNIhhjQjBOJh86C1fvq3qe87pe8V5VV0%2BvBgMSdx1c6LLm9EyGaAjOPqL0uJHZOC1ERnQg6A8QBNfSPQ2DF6ruve%2FcxTnn3s828yNCkbPD5Q%2FsQBvDzjcqNDy3ohNpCx8u3QkjWqEXwhWdLNYvhP3pz%2FXejmijQt8MryqxZs9XaURpRKPwinYqtv3zMxQ6fdSOKm1aqVcrUaOOvvt%2F7%2FMAngWQvSNyBlpOnlv9aRdajJF0v72s%2FFpm07fe6%2BaGZdahJ3c%2BTNYSWyTonpSxCxAnO%2FNpWD8h5KtTsMnOXAFsb2uqAFxPSPBrBJ7szGmC97aPmXIDlYDLl1D0xlBmDM3GEPYutDwggJBYuoGk%2B2DJuoKtH6Nsik7Iwr%2F%2FQBcTsvDHWSTdx5eM7oe3rckzbROPflxC98fQnTHSfA%2FZIIAu9iCyT6ElQdItoWU5U631GDoew6ghmA%2BQTz8dII8D5GmArjwMWaMdU9qMeVyrtepCiFpNiEZrUTZkrd6KKXIxpTVElg4hzBDCbSB1G1jT9w8aZ%2BDyH%2BBXS3gZwGcTEtzcQE%2BWKBRB4QkKRlBogiIjKHrltjS%2B6ssH0vicR%2FNcnedaObJZZ5Nt26yjErKZHpGXp5YEZ3%2F%2BGGvqMIwooy2lWtUWbwq2KLlstlpKNXjMFmldUXhdQvtTM7UDPSHhn%2BeQ6gl54aYHZ3vwZg9CnwbL3wArRs0qBVsd1VsUg2Q3ddYzbUSeZcpVhO1C2hJptoBsPdg0R%2BS12X4ufPkXlNi%2F%2BNuzq4%2FPDp5BuBKpK%2FGJ%2FpGgY%2B6NbtmCbN2yhSe7N9JMd%2FWATXd3O2OZWvj6fbVeWCevXfbDh%2B%2BIKTAtH91RPrvOEqmTjiffXNJSKnfFOqHId9f8iuLLuV%2B9lLskT68vv3vlWjd1ynttkzGYPnAPIfSEvPj767OrDJ9%2FBdqN4fIS3XyfzAPa7kGkG%2FDp%2FsWnHy28%2BkX2BN4SOHMyw9MARV6OXJWfPBpNYNRJz3gJr04s4Gr%2F%2B7%2BPsU1%2FDx0XgGV3Z7fYcyV6pgQzQ%2Fj89ChL3f7FX2qzADfBiBsXbHHjzP1ja70%2BDFUjprGiVcXjNo%2BbjMp2XG9z1o5UkzdYhMxPxJPPn%2F4HAAD%2F%2FwEAAP%2F%2FrOHYO20EAAA%3D HTTP/1.1
Host: moodokay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: u_pl=18141275; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec10a08ee828b7ca6dbd788ee5bfa604e0=[3905508]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c285335afbc4bc5a6bd41b219ec7702
Strict-Transport-Security: max-age=0; includeSubdomains
fixespreoccupation.com/pixel/pure
192.243.59.13 200 OK 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/pure
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fixespreoccupation.com/pixel/pure
192.243.59.13 200 OK 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/pure
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fixespreoccupation.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lYzgx8oQUBGhlhGk86o%2FprvNIhhjQjBOJh86C1fvq3qe87pe8V5VV0%2BvBgMSdx1c6LLm9EyGaAjOPqL0uJHZOC1ERnQg6A8QBNfSPQ2DF6ruve%2FcxTnn3s828yNCkbPD5Q%2FsQBvDzjcqNDy3ohNpCx8u3QkjWqEXwhWdLNYvhP3pz%2FXejmijQt8MryqxZs9XaURpRKPwinYqtv3zMxQ6fdSOKm1aqVcrUaOOvvt%2F7%2FMAngWQvSNyBlpOnlv9aRdajJF0v72s%2FFpm07fe6%2BaGZdahJ3c%2BTNYSWyTonpSxCxAnO%2FNpWD8h5KtTsMnOXAFsb2uqAFxPSPBrBJ7szGmC97aPmXIDlYDLl1D0xlBmDM3GEPYutDwggJBYuoGk%2B2DJuoKtH6Nsik7Iwr%2F%2FQBcTsvDHWSTdx5eM7oe3rckzbROPflxC98fQnTHSfA%2FZIIAu9iCyT6ElQdItoWU5U631GDoew6ghmA%2BQTz8dII8D5GmArjwMWaMdU9qMeVyrtepCiFpNiEZrUTZkrd6KKXIxpTVElg4hzBDCbSB1G1jT9w8aZ%2BDyH%2BBXS3gZwGcTEtzcQE%2BWKBRB4QkKRlBogiIjKHrltjS%2B6ssH0vicR%2FNcnedaObJZZ5Nt26yjErKZHpGXp5YEZ3%2F%2BGGvqMIwooy2lWtUWbwq2KLlstlpKNXjMFmldUXhdQvtTM7UDPSHhn%2BeQ6gl54aYHZ3vwZg9CnwbL3wArRs0qBVsd1VsUg2Q3ddYzbUSeZcpVhO1C2hJptoBsPdg0R%2BS12X4ufPkXlNi%2F%2BNuzq4%2FPDp5BuBKpK%2FGJ%2FpGgY%2B6NbtmCbN2yhSe7N9JMd%2FWATXd3O2OZWvj6fbVeWCevXfbDh%2B%2BIKTAtH91RPrvOEqmTjiffXNJSKnfFOqHId9f8iuLLuV%2B9lLskT68vv3vlWjd1ynttkzGYPnAPIfSEvPj767OrDJ9%2FBdqN4fIS3XyfzAPa7kGkG%2FDp%2FsWnHy28%2BkX2BN4SOHMyw9MARV6OXJWfPBpNYNRJz3gJr04s4Gr%2F%2B7%2BPsU1%2FDx0XgGV3Z7fYcyV6pgQzQ%2Fj89ChL3f7FX2qzADfBiBsXbHHjzP1ja70%2BDFUjprGiVcXjNo%2BbjMp2XG9z1o5UkzdYhMxPxJPPn%2F4HAAD%2F%2FwEAAP%2F%2FrOHYO20EAAA%3D
192.243.59.13 200 OK 7 B HTTP/1.1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lYzgx8oQUBGhlhGk86o%2FprvNIhhjQjBOJh86C1fvq3qe87pe8V5VV0%2BvBgMSdx1c6LLm9EyGaAjOPqL0uJHZOC1ERnQg6A8QBNfSPQ2DF6ruve%2FcxTnn3s828yNCkbPD5Q%2FsQBvDzjcqNDy3ohNpCx8u3QkjWqEXwhWdLNYvhP3pz%2FXejmijQt8MryqxZs9XaURpRKPwinYqtv3zMxQ6fdSOKm1aqVcrUaOOvvt%2F7%2FMAngWQvSNyBlpOnlv9aRdajJF0v72s%2FFpm07fe6%2BaGZdahJ3c%2BTNYSWyTonpSxCxAnO%2FNpWD8h5KtTsMnOXAFsb2uqAFxPSPBrBJ7szGmC97aPmXIDlYDLl1D0xlBmDM3GEPYutDwggJBYuoGk%2B2DJuoKtH6Nsik7Iwr%2F%2FQBcTsvDHWSTdx5eM7oe3rckzbROPflxC98fQnTHSfA%2FZIIAu9iCyT6ElQdItoWU5U631GDoew6ghmA%2BQTz8dII8D5GmArjwMWaMdU9qMeVyrtepCiFpNiEZrUTZkrd6KKXIxpTVElg4hzBDCbSB1G1jT9w8aZ%2BDyH%2BBXS3gZwGcTEtzcQE%2BWKBRB4QkKRlBogiIjKHrltjS%2B6ssH0vicR%2FNcnedaObJZZ5Nt26yjErKZHpGXp5YEZ3%2F%2BGGvqMIwooy2lWtUWbwq2KLlstlpKNXjMFmldUXhdQvtTM7UDPSHhn%2BeQ6gl54aYHZ3vwZg9CnwbL3wArRs0qBVsd1VsUg2Q3ddYzbUSeZcpVhO1C2hJptoBsPdg0R%2BS12X4ufPkXlNi%2F%2BNuzq4%2FPDp5BuBKpK%2FGJ%2FpGgY%2B6NbtmCbN2yhSe7N9JMd%2FWATXd3O2OZWvj6fbVeWCevXfbDh%2B%2BIKTAtH91RPrvOEqmTjiffXNJSKnfFOqHId9f8iuLLuV%2B9lLskT68vv3vlWjd1ynttkzGYPnAPIfSEvPj767OrDJ9%2FBdqN4fIS3XyfzAPa7kGkG%2FDp%2FsWnHy28%2BkX2BN4SOHMyw9MARV6OXJWfPBpNYNRJz3gJr04s4Gr%2F%2B7%2BPsU1%2FDx0XgGV3Z7fYcyV6pgQzQ%2Fj89ChL3f7FX2qzADfBiBsXbHHjzP1ja70%2BDFUjprGiVcXjNo%2BbjMp2XG9z1o5UkzdYhMxPxJPPn%2F4HAAD%2F%2FwEAAP%2F%2FrOHYO20EAAA%3D HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: u_pl=18141275; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec10a08ee828b7ca6dbd788ee5bfa604e0=[3905508]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b4dd24958ce5aab452483b1755b7bf8
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cf97d829cb7286adfc1f53b9cce57555
f6ccb6b622f44d98257ec11a9052e1bc825ca0a7
917eabeb5f9c427bc00cc74c9457104b6cbe6709d9822441d8551b78c3ecc7ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "917EABEB5F9C427BC00CC74C9457104B6CBE6709D9822441D8551B78C3ECC7EA"
Last-Modified: Mon, 09 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10734
Expires: Tue, 10 Jan 2023 00:39:33 GMT
Date: Mon, 09 Jan 2023 21:40:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cf97d829cb7286adfc1f53b9cce57555
f6ccb6b622f44d98257ec11a9052e1bc825ca0a7
917eabeb5f9c427bc00cc74c9457104b6cbe6709d9822441d8551b78c3ecc7ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "917EABEB5F9C427BC00CC74C9457104B6CBE6709D9822441D8551B78C3ECC7EA"
Last-Modified: Mon, 09 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10734
Expires: Tue, 10 Jan 2023 00:39:33 GMT
Date: Mon, 09 Jan 2023 21:40:39 GMT
Connection: keep-alive
fixespreoccupation.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=137
192.243.59.13 200 OK 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=137
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=137 HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: u_pl=18141275; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec10a08ee828b7ca6dbd788ee5bfa604e0=[3905508]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
browser.sentry-cdn.com/4.5.3/bundle.min.js
151.101.130.217 200 OK 22 kB URL HTTP/2 browser.sentry-cdn.com/4.5.3/bundle.min.js
IP 151.101.130.217:0
File type ASCII text, with very long lines (65447)
Hash 28e5dd38e927f10c1ce94d84470a83b3
bb0ffeec4c2dccb180db338274ca98d3a6629e0f
c163491a46e5432b5289cd89a3901e9601148b4816c08e820fb19a01a2567cdd
GET /4.5.3/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 03 Nov 2023 09:42:01 GMT
last-modified: Mon, 21 Jan 2019 13:03:48 GMT
etag: "28e5dd38e927f10c1ce94d84470a83b3"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:39 GMT
age: 5831918
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 22423
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7a82bb3ba0a326fb70f08e8c0f60f482
705e262596426fe42f6255ea5235bb34963387bf
172b73337c73e68ac341cf3527a49a49ad688fb954b67500cadc434b0e84f640
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 21:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a54dad63048a25519e177ee43de8449a
46f28f6c24051bba36e6aac0436be1f66d9b621f
207911b5cc2678d6ea27497a9938b1921a47afa0aea3895dba4d2e16efb13b8e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "207911B5CC2678D6EA27497A9938B1921A47AFA0AEA3895DBA4D2E16EFB13B8E"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15821
Expires: Tue, 10 Jan 2023 02:04:20 GMT
Date: Mon, 09 Jan 2023 21:40:39 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
45.133.44.4 200 OK 5.7 kB URL HTTP/2 cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash c088ae00a207f44006146168535b9aa8
eca74904dc520e314cadc5ab2064bbc666243e16
0d8ead8ebcd726079e3602b52fb7fc57a8db202682124ca95bc70cacbb0e2058
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 09 Jan 2023 22:40:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cf97d829cb7286adfc1f53b9cce57555
f6ccb6b622f44d98257ec11a9052e1bc825ca0a7
917eabeb5f9c427bc00cc74c9457104b6cbe6709d9822441d8551b78c3ecc7ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "917EABEB5F9C427BC00CC74C9457104B6CBE6709D9822441D8551B78C3ECC7EA"
Last-Modified: Mon, 09 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10734
Expires: Tue, 10 Jan 2023 00:39:33 GMT
Date: Mon, 09 Jan 2023 21:40:39 GMT
Connection: keep-alive
fixespreoccupation.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=79245&fd=265
192.243.59.13 200 OK 0 B URL HTTP/1.1 fixespreoccupation.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=79245&fd=265
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=79245&fd=265 HTTP/1.1
Host: fixespreoccupation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Cookie: u_pl=18141275; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec10a08ee828b7ca6dbd788ee5bfa604e0=[3905508]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 09 Jan 2023 21:40:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash afb594a739384271fa576d2aad80ada4
89fdd5bf789c30dcc3448d8c827643df86a9ee39
6c863e0fc951d557ce691dfee0deb46fa8018ec075d63c0b14a7b821842850a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C863E0FC951D557CE691DFEE0DEB46FA8018EC075D63C0B14A7B821842850A9"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1448
Expires: Mon, 09 Jan 2023 22:04:47 GMT
Date: Mon, 09 Jan 2023 21:40:39 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
172.64.166.9 200 OK 963 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP 172.64.166.9:0
Hash 4594dfc94442a13bf3917be3888c738a
3405f3d6a7b9cd502718edb934d66be6aebdf430
65c77c40332cdf51fd7a6ed87685eb169e605979563feb15e0b9ed1f89623171
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:03:42 GMT
etag: W/"6149ca1e-d31"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNedLvnH4i7E0EBXIk%2B%2BuThyyEfsqbmKrxOh%2FaWszbCjcvvZYftSinmcWWO8fi%2FMIpaZwYTKYZ86T%2Bs3cS10gKWBzMipB8zQxa6SQFmkoLnQeXplUlZzx%2BCbL8AaNYBN0XtsZijAXtqv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787055239af923cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=9ddaf83e-5424-4f21-a59b-3d3968dd053d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=10a08ee828b7ca6dbd788ee5bfa604e0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=9ddaf83e-5424-4f21-a59b-3d3968dd053d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=10a08ee828b7ca6dbd788ee5bfa604e0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=9ddaf83e-5424-4f21-a59b-3d3968dd053d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=10a08ee828b7ca6dbd788ee5bfa604e0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71c2f2e422d570d692a76d86c5e44d20
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=9ddaf83e-5424-4f21-a59b-3d3968dd053d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=53c8d18ca14399fa01b893dc9ee5e6a3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=9ddaf83e-5424-4f21-a59b-3d3968dd053d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=53c8d18ca14399fa01b893dc9ee5e6a3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=9ddaf83e-5424-4f21-a59b-3d3968dd053d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=53c8d18ca14399fa01b893dc9ee5e6a3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 09 Jan 2023 21:40:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4509fade6dc63983bf5a31b2562d9f24
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
172.64.166.9 200 OK 11 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP 172.64.166.9:0
Hash 7fae161f63c50cce8bf3ae938630c22a
e7cd6afc42065b8d233f32c46e876e6590542e69
d16c0c185fd8191d985b1f79373d27d239ac92e15d71a09489ae7d64b010cb5f
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:03:42 GMT
etag: W/"6149ca1e-d31"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVNXtvq3bHJvZa4Vql4PYKgfHq%2B%2FqrHyshgTWCWaLVOyr4o5eiIOXKR%2FpvO8dAkqtiiEVPDqniD9aZxHR86GEJxXtAsGbNEK5%2B2u1Zvh4BGavdjiSCe5Pod9eTiGp9ZKrJwLa1Pma3bR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787055239afe23cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
weebly.apps.farm/log.js?v=0.14233849522235542&key=a10f30deb1a04d488632594dc1fb1e57&id=1434872
188.114.97.1 200 OK 0 B URL HTTP/2 weebly.apps.farm/log.js?v=0.14233849522235542&key=a10f30deb1a04d488632594dc1fb1e57&id=1434872
IP 188.114.97.1:0
GET /log.js?v=0.14233849522235542&key=a10f30deb1a04d488632594dc1fb1e57&id=1434872 HTTP/1.1
Host: weebly.apps.farm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2019 11:23:18 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjgd%2BSXWHVGlf0BEwW1y5Zm9eCTFYj3EiA19xxoljAZ7KYMpRWicRidV4vdA28Zun82CJBBPrIB3VdL5xhdJAXLFGl7LoJ9yEgU9qgfkgIo0dPfsX1ti0FaU6apbVuAnZDjv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787055229bf4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP 172.64.166.9:0
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:03:42 GMT
etag: W/"6149ca1e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxIa65tDddE1EstRZL1LKzYVfgLkxvXRF2%2BCDKhpk6SPfIvhP5ODrYjmBdWD9tx%2FR1AYfCEwOCyV%2FXvetb3EY0JDhRKBDvoqt88J9bT5aPo24VcVo%2FJklPfJknKdyskO8hLzJAzuEL%2Fh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787055238af723cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.109.35 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.109.35:0
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 76f3df4c206bf9423a0a3f467eff03a3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 09 Jan 2023 21:40:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7%2B6aw9q2O2ujojc3gXYmB0ULfZUt28D7mGTexxnVV9JPtz%2FmWY8zMvzuRZgwr9fLf7poyZCYRqXLsby7Jvx0uY0HP13UIxx3DCjqWf%2FScLcd%2BAF%2BVPnc6gjTFWvnxkodhkd8sc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787055166a6072d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cvrmasterhoa.com
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 21:40:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 09 Jan 2023 22:40:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1673052315
151.101.129.46 200 OK 0 B URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1673052315
IP 151.101.129.46:0
GET /css/social-icons.css?buildtime=1673052315 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cvrmasterhoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Sat, 07 Jan 2023 00:20:28 GMT
etag: W/"63b8bacc-3319"
expires: Sat, 21 Jan 2023 00:48:26 GMT
cache-control: max-age=1209600
x-host: grn26.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 21:40:36 GMT
age: 247931
x-served-by: cache-sjc10083-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 113, 324
x-timer: S1673300437.563784,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
X-Firefox-Spdy: h2