firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 08:10:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EmV1MhcXT4Ka1peD3cbHZNKhNxthO1CYqI1EQhKnsirT4mFjo7qkLg==
Age: 3166
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9349e0a9b42de7771bd96cba16cff77
5c17db1c19c7a7c4ab9a07657982c5055ff73b96
83029d376be1375c815b1021f02c20b78358ea5335826d21180032eeccd5e117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83029D376BE1375C815B1021F02C20B78358EA5335826D21180032EECCD5E117"
Last-Modified: Thu, 15 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3465
Expires: Thu, 15 Sep 2022 10:00:53 GMT
Date: Thu, 15 Sep 2022 09:03:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7013
Expires: Thu, 15 Sep 2022 11:00:01 GMT
Date: Thu, 15 Sep 2022 09:03:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VyESPuc9VZrX7IrpvT9Te-1IPS5mz3MsTOiQCnBpo8N-t5R2G0ym7g==
age: 16073
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 09:03:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/
34.149.204.188200 OK 32 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/
IP 34.149.204.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 90a1df4e45f0524da41c5f25c30b4d5c
a3211def4cbedd39fa9bc72f9b46f977889cd56e
cfb184f8343e86676177a3e497b6241d63e9b2c19acf4dc12be069652015418b
Analyzer Verdict Alert openphish Davivienda
GET / HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 31650
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css
151.101.85.229200 OK 28 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65305)
Hash 7888a9c5ee7f0dcbc252f18ea9205250
56fab9f4b3bf2422446e394be042eb29ef6a15bf
5da8436a211d7384f5a0ce219c548d245ae077f3474c95a66f25852bb9aa28d1
GET /npm/bootstrap@5.2.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://everyoilydrivers.hmtlsfsf.repl.co
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.0
x-jsd-version-type: version
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 15 Sep 2022 09:03:08 GMT
age: 4986847
x-served-by: cache-fra19139-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27464
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash ed5c6463c7bbe5b6a99a36ee500352b7
05dcf59651be45fa7079e4586cb36c625f4a859c
e9c1ef143791a953e02f587edbddede54028c212954ec9daa5a789e79eb2e1cb
GET /npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://everyoilydrivers.hmtlsfsf.repl.co
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.0
x-jsd-version-type: version
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 15 Sep 2022 09:03:08 GMT
age: 4986846
x-served-by: cache-fra19175-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23075
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash f6df7aa3b35ba4a20ffd438fcfff06a1
3094c5f784bc2a77e6d6334951e52406da6849f8
0bd049943d007194546be28bcb48ef780be8043c1e1f45f9e10a6f608d9283f6
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 09:03:08 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C23BE55A1DBE97412CB5394368A04A23D64F63EE"
Expires: Thu, 15 Sep 2022 20:00:00 GMT
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b02fff38c90b55-OSL
everyoilydrivers.hmtlsfsf.repl.co/imgs/ayuda.png
34.149.204.188200 OK 1.1 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/ayuda.png
IP 34.149.204.188:0
File type PNG image data, 100 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 10686af24475d35ee34249a44b81de21
5521b6335a201253a4f188c5f1cc5b0763dcebd7
743257b15df80b8d5eae8fe465b98014572c3289b5a651d946837d2a030f2582
Analyzer Verdict Alert openphish Davivienda
GET /imgs/ayuda.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 1059
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/bullets.png
34.149.204.188200 OK 253 B URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/bullets.png
IP 34.149.204.188:0
File type PNG image data, 7 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 08472c94d9d38a6b05af50b0053250eb
ae89594579eb49b293618deb192e9394bb16b755
fbe8ef344efb7478e8f583c73fa9b590098f6364a292a291a1970058395cb0ad
Analyzer Verdict Alert openphish Davivienda
GET /imgs/bullets.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 253
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/seguridad.png
34.149.204.188200 OK 1.9 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/seguridad.png
IP 34.149.204.188:0
File type PNG image data, 96 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e45e6ef5dd9eac151080587acdc9aed
f534d57f7aa37e8e77bd54621413552aa7909302
2a657b32862ac716f10823b5f65279c24245299d85a6cc579714d11779dddb03
Analyzer Verdict Alert openphish Davivienda
GET /imgs/seguridad.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 1928
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/cerrar.png
34.149.204.188200 OK 583 B URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/cerrar.png
IP 34.149.204.188:0
File type PNG image data, 33 x 33, 8-bit gray+alpha, non-interlaced\012- data
Hash 38be66c4f8c604d9d4dbd14c0a4b30aa
a8ce3cb7d5524624bdde885176f401089514d481
9b1da8a91a1223e7fc001f3ff24a8b24e8f45f90e1660421ad1601ba6cf2f6b5
Analyzer Verdict Alert openphish Davivienda
GET /imgs/cerrar.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 583
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/logo.png
34.149.204.188200 OK 4.4 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/logo.png
IP 34.149.204.188:0
File type PNG image data, 318 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash d78764ea207dcba7fd2a85ccc39bfb74
721df931f5488d023d93f793c3ff388a8fd42d53
9f82c0b396c6a080cc49c5a9110146c72b5dce3680c32e124870969b24075f7f
Analyzer Verdict Alert openphish Davivienda
GET /imgs/logo.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 4393
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/buttons.png
34.149.204.188200 OK 4.0 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/buttons.png
IP 34.149.204.188:0
File type PNG image data, 268 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash 3ca5ae3f6a8c93294648e497d37ace2b
d13977900b4d4934f359d6de1100c9226a7f09fc
440f5d8b87b5722aaa5efe18eb2ac858376bbc8a4cbf1773868d0deb81d4410a
Analyzer Verdict Alert openphish Davivienda
GET /imgs/buttons.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 4021
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/ingreso.png
34.149.204.188200 OK 1.9 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/ingreso.png
IP 34.149.204.188:0
File type PNG image data, 128 x 61, 8-bit/color RGB, non-interlaced\012- data
Hash af72e4703f5ef9cdf74400ab1b2d5d03
f42ce6c9a5e0478aa258c625bc35f68281a2677a
dc0ca46842c059080b33eae413632faab0a2998fd6e2fe82fc0c5a5fc1531d55
Analyzer Verdict Alert openphish Davivienda
GET /imgs/ingreso.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 1897
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/inactivo.png
34.149.204.188200 OK 4.4 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/inactivo.png
IP 34.149.204.188:0
File type PNG image data, 173 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 07cce4bece276654e26806caf01f6cfc
58033e586126a71374c83ba718e70107bee52b87
daa34374ce40a336fa23a2ee3612bc05f525b6ee5296f2b1bd4d27e53fd67e78
Analyzer Verdict Alert openphish Davivienda
GET /imgs/inactivo.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 4382
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/wcm.png
34.149.204.188200 OK 1.3 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/wcm.png
IP 34.149.204.188:0
File type PNG image data, 37 x 37, 8-bit colormap, non-interlaced\012- data
Hash ffc9fd1f3b4a8c9db127911b860c225f
421285b0d21afbacc33dde6365ed702b8188903d
6422ab8087425ba3bf35586c77933306b4daf33b6a7eee22c47de8bb1397045f
Analyzer Verdict Alert openphish Davivienda
GET /imgs/wcm.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 1263
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/ico-boton.png
34.149.204.188200 OK 392 B URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/ico-boton.png
IP 34.149.204.188:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 150f5659236c66c8ab46c6f03ffcb860
37d04110118c1d9f0cb4a2b08c827daf6695ea76
6596c9aaaf7ce0dde93c1627ea62f954fb6a93b3f5e3f3fe12cbe93570688b24
Analyzer Verdict Alert openphish Davivienda
GET /imgs/ico-boton.png HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 392
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 08:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 08:54:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CHdXYz0ZlZROeE4Up2Q8doWMVIR9R88fnq4fkcCWi576Oc3blzhtlQ==
Age: 3586
everyoilydrivers.hmtlsfsf.repl.co/imgs/fondo-login.jpg
34.149.204.188200 OK 54 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/fondo-login.jpg
IP 34.149.204.188:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=250, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=2076], baseline, precision 8, 2076x307, components 3\012- data
Hash 49ed9827c31d3e97dcaca45f9e8206a1
b193b4910579f1a17e8bd939f91d5c2ecab3943a
a60b41f61e11919cc87cea38911021b5c730751c608b11ce90c6440b3315efb3
Analyzer Verdict Alert openphish Davivienda
GET /imgs/fondo-login.jpg HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 53564
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3958
Cache-Control: max-age=86989
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 09:03:09 GMT
Etag: "63218ba4-1d7"
Expires: Fri, 16 Sep 2022 09:12:58 GMT
Last-Modified: Wed, 14 Sep 2022 08:07:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.80.175.197101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.175.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MboIDs/1Q2SuDfo8g50aRQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: okMAsUdE4EZH/l17TNbKQb7rohc=
everyoilydrivers.hmtlsfsf.repl.co/imgs/banner.jpg
34.149.204.188200 OK 1.1 MB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/banner.jpg
IP 34.149.204.188:0
File type PNG image data, 1666 x 798, 8-bit/color RGBA, non-interlaced\012- data
Size 1.1 MB (1069621 bytes)
Hash 512c73d3eec589b11046ba73e0a63c99
df02ee90fcb9141ee078b0471d46894e7fdabfa1
b423c6a7975148217402cebb879a668b67c6bfa1a861f3dbefee92152283509a
Analyzer Verdict Alert openphish Davivienda
GET /imgs/banner.jpg HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Thu, 15 Sep 2022 09:03:08 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593180; includeSubDomains
content-length: 1069621
X-Firefox-Spdy: h2
everyoilydrivers.hmtlsfsf.repl.co/imgs/faviconDav.ico
34.149.204.188200 OK 1.4 kB URL HTTP/2 everyoilydrivers.hmtlsfsf.repl.co/imgs/faviconDav.ico
IP 34.149.204.188:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash 4b4927d3b2a8cab04acade59aedca9f9
f1e3cc17fdc86a984baf401ef98903df28e414b7
48230ee52e1bd018f51317c56b7cefe65152db3018dc42b074983afa923e0a63
Analyzer Verdict Alert openphish Davivienda
fortinet Phishing
GET /imgs/faviconDav.ico HTTP/1.1
Host: everyoilydrivers.hmtlsfsf.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everyoilydrivers.hmtlsfsf.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
date: Thu, 15 Sep 2022 09:03:09 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5593179; includeSubDomains
content-length: 1406
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13779
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:03:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13779
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:03:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13779
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:03:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13779
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:03:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13779
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 09:03:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebe7a0235de91cc1bf4cc6baecbf43f5
fb0078b3be78ca41f46c102148b9e801cfacba8e
6b35ef88d4ca58338480a87d0b0143fc4e1885427735d5ea48ba6e99aa882678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9630
x-amzn-requestid: c48fade7-f2d1-480e-a411-9bfd080b4b92
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXwx8Fe-oAMFtiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fc80c-20c8930c7269503e6195fe72;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 00:00:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bFdVw0FZgpuFUOM1MQPSvXByye8bqcrEXDc6O3rFwQKgUOvLxoT7Xg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:22 GMT
age: 79183
etag: "fb0078b3be78ca41f46c102148b9e801cfacba8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 40585
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f42b72c3fd66a6758ebcf0ca8cc1a046
13d42d455f5131b7b861b97eb3f0e91236d4d222
4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10633
x-amzn-requestid: 8dbc7f5f-1cb9-4b45-913d-2d4db71449fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSvG98IAMFeLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f44-3094163533977c6d1ee90274;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5Gx5Pfp0fH7GtvITXwV1CVZlM6wbfIXmyk_4xZtIVf8qkmg0AyxBPQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:01 GMT
age: 45729
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aaf675adec05212317877a5f479d11a7
cab4d850cd2bc5b3e1570ae837a58382e6eae5ec
cb4eb5b406f1ec01e3094d0519d8e4e7a469056bb898e2c47d48378e4b2b261d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3951
x-amzn-requestid: 65c15365-1bff-4dd2-a651-33683a033e05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9_oHP_oAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184397-148253910e5cd21b0e436b09;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:09:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _BTSN2zHd-FiETAJVrQhk9Odsn_M3GGs0nU0QpLrE9Rpin0VQPzy2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:19:41 GMT
age: 38609
etag: "cab4d850cd2bc5b3e1570ae837a58382e6eae5ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a05eafb022d09a0c88432fe018f2c325
b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94
91b3994632d954d1c93ee53a46d2d8850ebe387af40962aad787d341b742e9f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: 23ab295a-91a0-4a91-ba26-8302088a50c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNxvmEPIIAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bc996-10ccfaf45b93ef066901573d;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 23:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j_TffmLpWMBRCuHyrY6e6DuD3g8nOMX296pqnkra4KHsAwSkXj-3_w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:00:43 GMT
age: 39747
etag: "b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 45693
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2