Report - catalogojitanjafora.org/img/ciudad/

Report Overview

Submitted URL
catalogojitanjafora.org/img/ciudad/
IP
200.58.111.50
ASN
#27823 Dattatec.com
Submitted
2022-12-06 10:41:32
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	2.8 kB	104.18.32.68
hb.bancociudad.com.ar	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	9.5 kB	45.233.70.123
analytics.redlink.com.ar	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	867 B	921 B	45.233.68.25
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
catalogojitanjafora.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	1.3 MB	200.58.111.50
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.136.21
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	73 kB	34.120.237.76
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	catalogojitanjafora.org/img/ciudad/	Banco Ciudad

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/jquery-3.5.1.slim.min.js.descarga	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/colors.js.descarga	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/popper.min.js.descarga	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/bootstrap.min.js.descarga	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/serviceworker.js.descarga	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/runtime.ec2944dd8b20ec099bf3.js.descarga	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/polyfills.78e7bb2b516c2ee870f0.js.descarga	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/ciudad.svg	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Regular-App.2648b97ab884e20f4b2b.ttf	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Medium-App.aa2f0a6e826c5f02646a.ttf	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.73f0a88bbca1bec19fb1.woff2	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.12b50e8557e9de979737.woff	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.3e1af3ef546b9e6ecef9.ttf	Phishing
2022-12-06	medium	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/main.932b736ee76466992588.js.descarga	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/popper.min.js.descarga	19 kB	2023-03-07	2024-04-16
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/popper.min.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:35 Last Seen2024-04-16 22:06:46 Times Seen189 Hash 6cd956453e307bfd2ce4bfb0648b9f7d a43367193adc1258902e5b68ad0cda6cf0f9ff8f 625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55 Loading...

	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/bootstrap.min.js.descarga	51 kB	2023-03-07	2024-04-16
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/bootstrap.min.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:27 Last Seen2024-04-16 17:29:26 Times Seen2702 Hash 46b549bdc90920f18a911f186b9dd75c 3c639c4af5c036a6ee364215bd12c0b12937827d 1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5 Loading...

	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/runtime.ec2944dd8b20ec099bf3.js.descarga	1.5 kB	2023-03-07	2024-03-04
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/runtime.ec2944dd8b20ec099bf3.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:00 Last Seen2024-03-04 01:02:25 Times Seen18 Hash d68ae1d68307abe5cbce649d966e97f1 21109b3561b5a6c3ed51bc3015962f05da8e57b3 f6d14a5c40a406c335c7aea3f6983070bb59111b470bdf39bd7e1c3f4618b9f4 Loading...

	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/main.932b736ee76466992588.js.descarga	6.5 MB	2023-03-08	2023-03-14
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/main.932b736ee76466992588.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:41:50 Last Seen2023-03-14 00:11:40 Times Seen1 Hash 4e91fb76f322e597f87654b01d906ebd 4f3f1dd18806325d7d9361484549c2ae0eed4201 9df00109b001d8bb5cb69a0a11259c66653a87504e8966d82198f5f1378e11f9 Loading...

	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/serviceworker.js.descarga	139 B	2023-03-07	2023-12-19
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/serviceworker.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:30:33 Last Seen2023-12-19 15:54:21 Times Seen7 Hash ec431e4821c417259968c9433c173d7a e20a8ea582c50a6ecd98e38967b6206f3f5464cf bf15ddcaa9d1e8dcc42d385983c30efdec4b85650c6d2452df31979b404e3160 Loading...

	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/colors.js.descarga	755 B	2023-03-07	2023-03-17
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/colors.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:30:33 Last Seen2023-03-17 21:22:41 Times Seen1 Hash 8a0ccd362c3f22c9cf239d05b210a994 5865d553986f59538f56eed1a27c490a9f6bb0b1 830c8c46ae7149f8c395c44b9089d0a12ccca34449d2a8b1992186b059c43fd9 Loading...

	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/jquery-3.5.1.slim.min.js.descarga	72 kB	2023-03-07	2023-11-29
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/jquery-3.5.1.slim.min.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:30:33 Last Seen2023-11-29 10:23:52 Times Seen45 Hash 767a77430d12bd654d8f0c92cc21298c 75c2ff61e87f9ae41f55f4e845812aad189ab9af c46dc051ce81c4af2b2096abbf885ae4ba7467ff5db0f0106ceee928cf3658a3 Loading...

	catalogojitanjafora.org/img/ciudad/	184 B	2023-03-07	2023-03-17
Pretty URL catalogojitanjafora.org/img/ciudad/ IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:30:33 Last Seen2023-03-17 21:22:41 Times Seen1 Hash cc35ab464359743f513d2686baefac95 0997578d62bb7e8069ce2732a16b77769fd78060 02e438173a19e8f215027d9eac0f67b1ab7b18d5e7ad4873eb9e14cacfcaed73 Loading...

	catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/polyfills.78e7bb2b516c2ee870f0.js.descarga	143 kB	2023-03-07	2023-03-17
Pretty URL catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/polyfills.78e7bb2b516c2ee870f0.js.descarga IP 200.58.111.50 ASN #27823 Dattatec.com Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:30:34 Last Seen2023-03-17 21:22:41 Times Seen1 Hash 050f5593a795beffaae3aa1af2f42c6d 6f09825e9255091665f31ae93fa12c47dae4a4c2 e428b9c4a2a312c519cb59eef4b605756f125ed3a53fa975058b737748fb2b47 Loading...

HTTP Transactions (43)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11290
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 10:41:20 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=92353
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:41:20 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:20:33 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11359
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 10:41:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 10:20:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1257
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TZswYYE/CvnDofIShgUv1S9ECSf5hFLh2Gym7QiHdnlrCfyimtzLxtffDDl9M/AXlKe+HHsHdxo=
x-amz-request-id: 5BH9Y6F75D48N7VC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 09:47:03 GMT
age: 3257
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 10:41:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

catalogojitanjafora.org/img/ciudad/

200.58.111.50

200 OK

3.2 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5257)
Size
3.2 kB (3162 bytes)
Hash
f81cf96c024ed9539eb48b2a8d992e26
532b483fd56f57323f9a4d03e53f6010ef3d09ac
fb4328f6eb8a561ee874d7ffc8820e314d5bd4657de34acedefb771d6d41967e

Detections

Analyzer	Verdict	Alert
openphish	Banco Ciudad
fortinet	Phishing

HTTP Headers

GET /img/ciudad/ HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 05 Dec 2022 17:20:11 GMT
ETag: "2af1-5ef17e65f0e78-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3162
Keep-Alive: timeout=10, max=200
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 10:11:20 GMT
cache-control: public,max-age=3600
age: 1801
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/jquery-3.5.1.slim.min.js.descarga

200.58.111.50

200 OK

25 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/jquery-3.5.1.slim.min.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (65245)
Size
25 kB (24657 bytes)
Hash
70251fec8bb0fb8f6e9ccfab8d7cfcba
0567fb6e59cfbe12b5fd8f4673b9607f063d03f9
383d4320a9d96b62335b761c2fadf8489ea02e2a7cd3ba3d26863dc04c08f3be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/jquery-3.5.1.slim.min.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 17:20:12 GMT
ETag: "11abb-5ef17e66ce94f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24657
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: application/javascript

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css

200.58.111.50

200 OK

39 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (65307)
Size
39 kB (39026 bytes)
Hash
d2ff043b57c9316f6260cf54b5e5eb5c
d43716cd23d9685ba133af4020a562d7cd3f03f6
51ebd82ae3f4639a7bf9dc2dd8cc6c7a3087a5ed29aebc71c4f9ce7d06ba608c

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 05 Dec 2022 17:20:14 GMT
ETag: "3ad4f-5ef17e689895c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 39026
Keep-Alive: timeout=10, max=200
Content-Type: text/css

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/colors.js.descarga

200.58.111.50

200 OK

394 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/colors.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (755), with no line terminators
Size
394 B (394 bytes)
Hash
e52c2e5ea6194835d3b600346722fe20
47f6d21374578f906b1b1c61c363fb26863c5a08
5c997f3cc021f01b4654528f9cae253c4cdc30ce12803dacc26c3dcf1dd4b39d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/colors.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 05 Dec 2022 17:20:12 GMT
ETag: "2f3-5ef17e669cc71-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 394
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/popper.min.js.descarga

200.58.111.50

200 OK

6.9 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/popper.min.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (19063)
Size
6.9 kB (6907 bytes)
Hash
95830f781ee1b314b727b4aa6e1eff5e
371b266bae00a13878850566501243ae44c0e5bc
1cad80639242334bd7ec358679fed84cdc38a3a7f82a40c8d6a3f18a19f54082

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/popper.min.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 05 Dec 2022 17:20:13 GMT
ETag: "4afd-5ef17e67a721e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6907
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/bootstrap.min.js.descarga

200.58.111.50

200 OK

13 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/bootstrap.min.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (50277)
Size
13 kB (13085 bytes)
Hash
3da1ae4a08e503c860178cb7c055d4d2
e230f8bca134c09d4f402024f8f76f3e7b40523b
bf655ceae4104f51363b32e431209554ba88e7a4023b9212e1bf292138be38dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/bootstrap.min.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 05 Dec 2022 17:20:12 GMT
ETag: "c584-5ef17e668883a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13085
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/serviceworker.js.descarga

200.58.111.50

200 OK

128 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/serviceworker.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text
Size
128 B (128 bytes)
Hash
ebda863f34573f56b2664a4cfe27a210
b6c365b40d34f8b8182cb3dc1275de84cb18f795
572eb748ac2f65f92b3452d3ef0adc686e06e1d3beee8e3a792df6f042dfbb0a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/serviceworker.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 05 Dec 2022 17:20:14 GMT
ETag: "8b-5ef17e68464f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 128
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6546
Cache-Control: max-age=87277
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:41:21 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:55:58 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/runtime.ec2944dd8b20ec099bf3.js.descarga

200.58.111.50

200 OK

717 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/runtime.ec2944dd8b20ec099bf3.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (1451), with no line terminators
Size
717 B (717 bytes)
Hash
089a6a5085dbb1423d9d5a4668550906
6b6d12206fd15c0c53fe2636d04e2e79f0a5bfec
a7bc66bdb985c1340aa9ebd9417a0fd4c4b284298c94eaf4568aaef747371a5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/runtime.ec2944dd8b20ec099bf3.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 17:20:13 GMT
ETag: "5ab-5ef17e67f735b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 717
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/polyfills.78e7bb2b516c2ee870f0.js.descarga

200.58.111.50

200 OK

48 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/polyfills.78e7bb2b516c2ee870f0.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (65536), with no line terminators
Size
48 kB (48115 bytes)
Hash
eb1c3688254c91ede1581c71355c8139
f0ef36b6bac9a560fd384da20555f39550a3e7aa
269f08a5a8ef881fc6a0df667a4cefdf367b55a1efe1b0a91e7c41c479df3860

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/polyfills.78e7bb2b516c2ee870f0.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 17:20:13 GMT
ETag: "22d5b-5ef17e673d2d2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 48115
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: application/javascript

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/ciudad.svg

200.58.111.50

200 OK

4.5 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/ciudad.svg
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3283)
Size
4.5 kB (4511 bytes)
Hash
c73e5d18223746a44d6d2fc666e9e804
4e0e21ce77d00569449cb264229b347300038783
69c24732e6b7afebfc32b64f5dc465aed7c1e5ae2083d8a4327931618f323f17

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/ciudad.svg HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 17:20:12 GMT
ETag: "119f-5ef17e669b8e9"
Accept-Ranges: bytes
Content-Length: 4511
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: image/svg+xml

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/icono-login.png

200.58.111.50

200 OK

6.2 kB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/icono-login.png
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
PNG image data, 141 x 141, 8-bit/color RGBA, non-interlaced\012- data
Size
6.2 kB (6233 bytes)
Hash
3060236dd0018dfbc4cb7a6cf0a3ec68
6c8496aa09c8262a23b7923ca8571f93e36b90d8
c0e6f30e7bbb291540bdc48ead3ce0c41a9c99cf813e521572225a46215e7931

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/icono-login.png HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 17:20:12 GMT
ETag: "1859-5ef17e66b1c60"
Accept-Ranges: bytes
Content-Length: 6233
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: image/png

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Regular-App.2648b97ab884e20f4b2b.ttf

200.58.111.50

404 Not Found

196 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Regular-App.2648b97ab884e20f4b2b.ttf
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Regular-App.2648b97ab884e20f4b2b.ttf HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Medium-App.aa2f0a6e826c5f02646a.ttf

200.58.111.50

404 Not Found

196 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Medium-App.aa2f0a6e826c5f02646a.ttf
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/GuardianTextSans-Medium-App.aa2f0a6e826c5f02646a.ttf HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.73f0a88bbca1bec19fb1.woff2

200.58.111.50

404 Not Found

196 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.73f0a88bbca1bec19fb1.woff2
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/Roboto-Regular.73f0a88bbca1bec19fb1.woff2 HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

push.services.mozilla.com/

35.161.136.21

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.136.21:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W3V/SOM/cBTrH9GN7Zo9mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N9MPugMZ1qxeb25OMJQlmrXi4Wo=

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.12b50e8557e9de979737.woff

200.58.111.50

404 Not Found

196 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.12b50e8557e9de979737.woff
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/Roboto-Regular.12b50e8557e9de979737.woff HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 10:41:22 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.3e1af3ef546b9e6ecef9.ttf

200.58.111.50

404 Not Found

196 B

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/Roboto-Regular.3e1af3ef546b9e6ecef9.ttf
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/Roboto-Regular.3e1af3ef546b9e6ecef9.ttf HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/styles.c4bbbb8559e969311498.css

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 10:41:22 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8560
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:41:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8560
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:41:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8560
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:41:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8560
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:41:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10183 bytes)
Hash
99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:44 GMT
age: 46299
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

18 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
18 kB (18490 bytes)
Hash
f4bbfe2037fd1658cad81b5b8e4d885c
9487451d24db59cc0f426410da2b55f94f3bb34b
2a124c75c6c90c5633f3538c8b84422262f81cb35d8f4cf4ed0032cc897a5ab9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 18490
x-amzn-requestid: f01c056f-b0bc-4833-9934-d0c37f4d701c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS4wE5NIAMFQmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6504-1111ee0221c3c4165a9ef2ab;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L83k-5N1ntWkhPbKsReH19NWajYEVyQSBQIKM6aSZSovDKHTYeXhUQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:30:52 GMT
age: 43831
etag: "9487451d24db59cc0f426410da2b55f94f3bb34b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 45115
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 46042
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4827 bytes)
Hash
73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 26ac5a48-3e41-4638-88d6-c94ba8b7a6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS3nFxPoAMFcpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64fd-28f8cb92130706e3652eb971;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUk1Nt1XioDColWXDiEZsL8BmFpyWaV5tRbsbmAiR6A2psM_Gx3j_A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 46774
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 46022
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/main.932b736ee76466992588.js.descarga

200.58.111.50

200 OK

1.1 MB

URL HTTP/1.1
catalogojitanjafora.org/img/ciudad/Banco%20Ciudad_files/main.932b736ee76466992588.js.descarga
IP
200.58.111.50:0
ASN
#27823 Dattatec.com

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.1 MB (1108212 bytes)
Hash
2aec79a56e01f94fe94923f1c15c23de
a06b6e2f458b413c9d61a6a52cc139ef758e1383
0160a37c87e9d35326cb00c0f8ae72dadefe8fd19e32a852df5dc67d35c69b6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/ciudad/Banco%20Ciudad_files/main.932b736ee76466992588.js.descarga HTTP/1.1
Host: catalogojitanjafora.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://catalogojitanjafora.org/img/ciudad/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:21 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 17:20:14 GMT
ETag: "62ba9f-5ef17e68752f5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.usertrust.com/

104.18.32.68

200 OK

2.2 kB

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2236 bytes)
Hash
b396cbd5acf7ac2b121be1438e74ad09
3a1c97848fe7400af50f4072a41862023c804cbb
50475b195ac0d6c6a4d63e68ac5add05af0cc1ce6a8b38036a95f3f8cc6bcc1f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:24 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 22:12:16 GMT
Expires: Sat, 10 Dec 2022 22:12:15 GMT
Etag: "3a1c97848fe7400af50f4072a41862023c804cbb"
Cache-Control: max-age=602698,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 955
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775468b1ef0bb4f4-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7d5d9191fc889f98b98ab78a53d15700
1a3876cca1013ccf15b3d9f3a1316061f053eb4a
da06887aeb944c0ee34cb08a6189dd4b0c3461b1ebc267bc0dc912e08e1b85de

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 21:03:41 GMT
Expires: Sun, 11 Dec 2022 21:03:40 GMT
Etag: "1a3876cca1013ccf15b3d9f3a1316061f053eb4a"
Cache-Control: max-age=468735,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775468b1f8a2b4fd-OSL

hb.bancociudad.com.ar/assets/favicon.png

45.233.70.123

200 OK

8.9 kB

URL HTTP/1.1
hb.bancociudad.com.ar/assets/favicon.png
IP
45.233.70.123:0
ASN
#22798 RED LINK S.A.

File type
PNG image data, 322 x 322, 8-bit/color RGBA, non-interlaced\012- data
Size
8.9 kB (8925 bytes)
Hash
25a9870ada58fd297d30493deb73dc07
5621be8ef54b0aa4e108ff9a43c2f51900e7c33d
2bdf4ac46b037d1abce919e168a390a071fd0c32542b116cf6826ea26e6eab1b

HTTP Headers

GET /assets/favicon.png HTTP/1.1
Host: hb.bancociudad.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://catalogojitanjafora.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 10:41:24 GMT
Content-Type: image/png
Content-Length: 8925
Last-Modified: Fri, 04 Nov 2022 03:03:51 GMT
Connection: keep-alive
ETag: "63648117-22dd"
Expires: Thu, 05 Jan 2023 10:41:24 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: TS01fe601c=016e5a5cb0ad2edb9fa5625f66ff5495834faa0fa6022c32f50fc40cac895c9c1a82a1fea92b66a858ae85408fbd5c9b66e91a405d; Path=/; Domain=.hb.bancociudad.com.ar

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
628583acbb10ac440469a7cd479fea23
8d9fb78572e6fb6f75d6e673eed99088285b1577
33e51e984151cf52520bd893f59fa22d8d1fea05490fe73b2cf62ee32b45be87

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85796
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:41:25 GMT
Etag: "638dc879-2d7"
Expires: Wed, 07 Dec 2022 10:31:21 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:21 GMT
Server: nginx
Content-Length: 727

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
628583acbb10ac440469a7cd479fea23
8d9fb78572e6fb6f75d6e673eed99088285b1577
33e51e984151cf52520bd893f59fa22d8d1fea05490fe73b2cf62ee32b45be87

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85796
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:41:25 GMT
Etag: "638dc879-2d7"
Expires: Wed, 07 Dec 2022 10:31:21 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:21 GMT
Server: nginx
Content-Length: 727

analytics.redlink.com.ar/hblogin/p1.htm?url=http://catalogojitanjafora.org/img/ciudad/

45.233.68.25

302 Redirect

155 B

URL HTTP/1.1
analytics.redlink.com.ar/hblogin/p1.htm?url=http://catalogojitanjafora.org/img/ciudad/
IP
45.233.68.25:0
ASN
#22798 RED LINK S.A.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
155 B (155 bytes)
Hash
96a3c98889299dc742cef1e3f837f6d7
5f279dcb9db73fb8b9aa6e4a96ed58559b095aef
de7b0fd139bd0be08cca4b3a25ec21f201959df8acfa555df1e01251276076fa

HTTP Headers

GET /hblogin/p1.htm?url=http://catalogojitanjafora.org/img/ciudad/ HTTP/1.1
Host: analytics.redlink.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://catalogojitanjafora.org
Connection: keep-alive
Referer: http://catalogojitanjafora.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://analytics.redlink.com.ar
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 06 Dec 2022 10:41:25 GMT
Content-Length: 155

analytics.redlink.com.ar/

45.233.68.25

200 OK

246 B

URL HTTP/1.1
analytics.redlink.com.ar/
IP
45.233.68.25:0
ASN
#22798 RED LINK S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
246 B (246 bytes)
Hash
aac68c3f2973ae6bcf1e154e6bb4ff98
0ca9c79f5f9aef9d79220f109f634c1bc50c05d0
774185757f47228d9b59ce512424a72614e1ffb88e4bc0a9a38141a318021cf1

HTTP Headers

GET / HTTP/1.1
Host: analytics.redlink.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://catalogojitanjafora.org
Referer: http://catalogojitanjafora.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 09 Oct 2015 19:27:42 GMT
Accept-Ranges: bytes
ETag: "0b291c82d11:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 06 Dec 2022 10:41:25 GMT
Content-Length: 246

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations