r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17393
Expires: Fri, 27 Jan 2023 08:26:06 GMT
Date: Fri, 27 Jan 2023 03:36:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5284
Expires: Fri, 27 Jan 2023 05:04:17 GMT
Date: Fri, 27 Jan 2023 03:36:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 03:35:19 GMT
content-type: application/json
age: 54
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2274
Expires: Fri, 27 Jan 2023 04:14:07 GMT
Date: Fri, 27 Jan 2023 03:36:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3XalnUAWbZSGfoHijarkhj9atze9HKFOCs9IIcQxbU/PyxUb7LDMc1uxUNnkTQEcnAbSI22A7NM=
x-amz-request-id: C0MGWDQ08K4GEJ3B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 03:20:22 GMT
age: 951
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
181.39.49.158200 OK 1.4 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
IP 181.39.49.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5d8153ddd228b23621e1c6a948fd4dbd
169863920ca700ac4f287205db3ba1c564dd8687
58b8799b0e2ff0f4dbb8b84cd599d2eb8b24f7a4dd89ad2839e7b61dea1ef2cb
Analyzer Verdict Alert openphish CaixaBank
fortinet Malware
GET /wordpress/wp-includes/images/wlw/main/CBK/clients/login.php HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Length: 1406
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:36:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
151.101.129.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP 151.101.129.229:0
File type ASCII text, with very long lines (65326)
Hash 77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 27 Jan 2023 03:36:14 GMT
age: 26855527
x-served-by: cache-fra19178-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js
104.17.24.14200 OK 2.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (8392)
Hash 5fa1a60087fef53b1c0c4f4d6014f684
361a5d6829ec17ebf82571f3b20bd472ab4b0141
43c8409c5dc3b3b21b12068ca0089744c14770ba7f316dfb704b4104cb951bef
GET /ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 03:36:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 2420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-210b"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 682875
expires: Wed, 17 Jan 2024 03:36:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fT9zirZ%2Bt2z0t5hCNfcAYcLXRZHK8oslh0Hnh4KTwzlyM0rfrrTAZfyCap4YHBKJmW0firv2et6DvMTLwL8wJJUJ6E1QoTkafU1J7Atr6pv2V0t4suVuCv%2BWIIdhHdRuzQlxQNVd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78fe71605e58b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js
104.17.24.14200 OK 362 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65350)
Size 362 kB (362308 bytes)
Hash 62bb7903fab88f2eb3e614bd662f4c72
7e404419744e5b1a842e50a344c6ac6f24753118
2fcdd5f98d838b1440e4101dc63a2a77881e9474fa52577f54f9407b61e418b6
GET /ajax/libs/font-awesome/5.15.1/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 03:36:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 362308
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-123bd0"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3657463
expires: Wed, 17 Jan 2024 03:36:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Vfp2TywaShxGDoXvGvCg7m2CtN9S5AM4PZaKrkGftzgGjMO3K26wny3X5sjD9quJYivIdUtoHZIbJBQAB1q3c97fJhxgLGA9EHys5s1bPdBwnJ4e5tCDyvWBn5EQkixKly9oSnE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78fe71605e56b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
151.101.129.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (65299)
Hash 151629f36761d6fb6d0e0330239884a6
ebb9c30e5565793e2767735f0647bdf26fed4ab5
53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 27 Jan 2023 03:36:14 GMT
age: 24452038
x-served-by: cache-fra19179-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 03:36:14 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674790574.dop012.sk1.t,1674790574.cds259.sk1.hn,1674790574.cds208.sk1.c
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
151.101.130.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 151.101.130.133:0
Hash 2493bdb85f36abd9710f0519ad0b19d1
4b9c025713a5cbd5ecbb835c5bf7d11b4bad68b7
38738a6f0164ef67288c80636262917bbea967568cffec10380b8d852d63c7d9
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "7D105016BC142138E43B0948EA1FE70D3514DB15"
Expires: Fri, 27 Jan 2023 14:00:00 UTC
Last-Modified: Fri, 27 Jan 2023 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Fri, 27 Jan 2023 03:36:14 GMT
Via: 1.1 varnish
Age: 2195
X-Served-By: cache-bma1672-BMA
X-Cache: HIT
X-Cache-Hits: 3
X-Timer: S1674790574.226313,VS0,VE0
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/css/style.css
181.39.49.158200 OK 2.2 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/css/style.css
IP 181.39.49.158:0
File type ASCII text, with very long lines (8669), with CRLF line terminators
Hash 986935371eef0c510575f05de77beb03
5972faffe3f2df9312abad433d36abb53bcc1a5d
e3e97653d5081d41baaf937f111cf950e3d9750f1a763211d9ce9638b1199d48
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/css/style.css HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Sun, 01 Jan 2023 19:26:12 GMT
ETag: "21df-5f138ceb53d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Length: 2158
Content-Type: text/css
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/css/helpers.css
181.39.49.158200 OK 4.7 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/css/helpers.css
IP 181.39.49.158:0
File type ASCII text, with very long lines (41750), with CRLF line terminators
Hash c5aeb7ee5d038c04c1b82e5b4e2337b8
50b3320cf173861f8562ea20a2b72b5fe7c340a9
8efa178c7d4276e48094ad066c7dc6a0ee09e3fc5ce6233634ef81ca350374ff
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/css/helpers.css HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "a318-5eb7a996abd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Length: 4669
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:36:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:36:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/logo2.png
181.39.49.158200 OK 3.8 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/logo2.png
IP 181.39.49.158:0
File type PNG image data, 179 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 1cd34bca30007450e43cb31aa8066eb5
9e3d9f79186c5508c14eb348c3863c088b3b014d
5cd785f49ff5a788853a8b1bc12a366f9f728c640bfbf239910fcca688cf3bcf
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/logo2.png HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "ecf-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 3791
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/js/script.js
181.39.49.158200 OK 109 B URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/js/script.js
IP 181.39.49.158:0
File type ASCII text, with CRLF line terminators
Hash 0a34b5eb919d1db42ea2a7d43e226e04
f6f2bcc0b1961e5bc080783987a8c58e606a457b
c339f7048ecc3ea0745e0697fd6608addee8c1df95a54032dfe592ffe6036d8a
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/js/script.js HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "9a-5eb7a996abd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Length: 109
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/header-right.png
181.39.49.158200 OK 1.1 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/header-right.png
IP 181.39.49.158:0
File type PNG image data, 80 x 14, 8-bit/color RGB, non-interlaced\012- data
Hash 82008cc0cff20a468522ebe4247cdd88
569bce431b3273c1982320fd21e0325afad1651d
f7468a451c18a2e791e1a02de984336e4e2476eac60b238101e7f97e3e47eae6
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/header-right.png HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "462-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 1122
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/lock.png
181.39.49.158200 OK 1.7 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/lock.png
IP 181.39.49.158:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash ce29058cd51b6b684a8491f039931192
3f08da5cf9c0b0e745a6bbe52b4e77935051a9e4
9723a6d5f5ea669e43fd75e6af8770704573ebc065e148c13c78c334654f9007
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/lock.png HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "6a2-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 1698
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 02:41:40 GMT
age: 3274
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:36:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:36:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://design.ctdesarrollo.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 290613
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/left.png
181.39.49.158200 OK 370 B URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/left.png
IP 181.39.49.158:0
File type PNG image data, 20 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash a1f2576ec3e4f2116a01754d56d118e7
890da4dbf23d69601928cda5f7aa1f7b4f1f1dfc
2e17d633851029691b889873b7bec28230da38513ce85c0d71c8128950f55ac8
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/left.png HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "172-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 370
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/key2.png
181.39.49.158200 OK 1.6 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/key2.png
IP 181.39.49.158:0
File type PNG image data, 138 x 17, 8-bit/color RGB, non-interlaced\012- data
Hash 8b3b2613a7fc7d3551a02df7f4cbcf7c
4e027bcc74abbcd1cf12dcf95a67fcd20b37f16e
a615a2d7035f38f27a596dab3e5e562a7b4db64ba7e995a89972ff2db1c2c4d0
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/key2.png HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:21 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "641-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 1601
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:36:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:36:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/logo.png
181.39.49.158200 OK 3.9 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/logo.png
IP 181.39.49.158:0
File type PNG image data, 200 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash ce8730e4ffe45d3e6fd6ba6eae772885
18432d9a921768aa16f537c63877f28e4950ce7e
243e7d9077b620eb71838d4b489c0aa63b453912cfa2ca71b5f68a08c69959e1
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/logo.png HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:22 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "f1f-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 3871
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/key1.png
181.39.49.158200 OK 1.5 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/key1.png
IP 181.39.49.158:0
File type PNG image data, 120 x 17, 8-bit/color RGB, non-interlaced\012- data
Hash d659e929aae92bddb49a4d5dfef2e0ee
be13d0a31407e79b810965f408c19fd0c9ae952b
236901c09ca4b7b523f990fdd398e7ba4bd1b2f2c4afb1a4f1a7116a536ee6ba
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/key1.png HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:22 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "5b9-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 1465
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18472
Expires: Fri, 27 Jan 2023 08:44:06 GMT
Date: Fri, 27 Jan 2023 03:36:14 GMT
Connection: keep-alive
design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/favicon.ico
181.39.49.158200 OK 2.2 kB URL HTTP/1.1 design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/favicon.ico
IP 181.39.49.158:0
File type MS Windows icon resource - 1 icon, 32x32, 255 colors\012- data
Hash 319392dc052e4d16142712fe46c06476
1f2b9e013e766ca8e68fdef043349c3cff414652
e75a1c250fe81fbf6d339da1549f5d0e985c4739a56c3b75625064c41e8d085c
Analyzer Verdict Alert urlquery phishing Phishing - Caixa Bank
GET /wordpress/wp-includes/images/wlw/main/CBK/assets/imgs/favicon.ico HTTP/1.1
Host: design.ctdesarrollo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/wordpress/wp-includes/images/wlw/main/CBK/clients/login.php
Cookie: PHPSESSID=7locrlrsi6l12434htg1so7pg5
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 04:26:22 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 20 Oct 2022 17:24:36 GMT
ETag: "8be-5eb7a996abd00"
Accept-Ranges: bytes
Content-Length: 2238
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Content-Type: image/vnd.microsoft.icon
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
push.services.mozilla.com/
50.112.247.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 50.112.247.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QFe4ak/ejHMfJm3Db+U+1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PgUb8S5fP2/n2wAhK/kIzUQGtUs=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9832
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 03:36:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9832
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 03:36:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9832
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 03:36:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9832
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 03:36:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a01352e094fda751e3227191ca74469
7ad63fabc3d52f7fc3f2f648d11edf7241e24368
8c06a16bab3b9c3130a8d8d91e52a01073b685d4831d1ba7129ac571bd7d0bc3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7525
x-amzn-requestid: a7a05ec2-92ae-4813-b087-c4f32df1f7f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB5k7GgkoAMF6eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3c85-3c08d20509992a0d031213ad;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 07:02:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyRhsgixwVqdtaNructs84RGA6AYOgTbqE_lUViwIZCHFMosWEo_8w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 09:59:33 GMT
age: 63403
etag: "7ad63fabc3d52f7fc3f2f648d11edf7241e24368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06130c82b0c12aabc0cc9f920114e1c5
c2137e969f6eb3790923e1bc30d4288105fd1296
70b50dc9f7e76372b557da8d5188e86b4307e3d855619c5974d7830ab187cec1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11689
x-amzn-requestid: c72f71e2-e235-4611-826b-94b55c1a6a17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1YDGl8oAMF2Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c33-3e8a69900c1267e102d2c2bc;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tVR_sITOzOjgI7rbEZtkZxix7ndnSvWOM86XQWgT4mbLyjP_5cY0BQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 03:52:59 GMT
age: 85397
etag: "c2137e969f6eb3790923e1bc30d4288105fd1296"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73f08a17-fd76-4130-b0e4-891c4a522ac4.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73f08a17-fd76-4130-b0e4-891c4a522ac4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 540b084166fb1ad476a2b816848004ac
d10694af4ff8fbdf58896085611b4614a7353eda
b5ce9c01e4ac5a634ab858787c69fe4bf1f297df92b1258f0de6e1461329154b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73f08a17-fd76-4130-b0e4-891c4a522ac4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5567
x-amzn-requestid: 07346e30-a195-4e30-80ed-09bc2844c64d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fORCGGMGIAMFmWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2eda-266bd30056d9d09c009ac086;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:05:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1S1gNaWbByU2Ufc46x0shFDogteGouCIQZ9xX2n2QAFa4AjsFozrRA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:04:49 GMT
age: 16287
etag: "d10694af4ff8fbdf58896085611b4614a7353eda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:59:56 GMT
age: 20180
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0fe44d9606e6a149a253423f312dfc5
78e442e8a9142311c25dafd01823a240f4acb0d6
9aad8938c1fda9641f95a4369f57ea57303a28e05f56e3bb1961e17cfbb123f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13175
x-amzn-requestid: 14ccf28a-a84a-4903-9edc-7659096cb3ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRxOCFrkIAMFt8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0958c-6a67f1aa65038439793808fd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:35:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6Af7rqnIDAKAw6O0CYUv1epQ8VxFyXBjtAtpovQZJ72aKEymQu_O8Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:43:29 GMT
age: 71567
etag: "78e442e8a9142311c25dafd01823a240f4acb0d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bad60daf652c598a06510ff955137b69
235bf4642e726bb6a303fe1b69238e2e973414cb
d655c5ac17274a30a89c31674e14dc9c1b6bc39bfff94db1c9ff0d8006bb673b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12508
x-amzn-requestid: 68787c38-72fe-4d8a-9521-aeb9efa56b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYWyGIHoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca075e-1ee9488d2dd0437728beac94;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2RZzMCqjRpKbm-g_6vAq1YV4LQ5RAB9HrkKCQx_ah4C6PnAzHZpKCg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:49:04 GMT
age: 31632
etag: "235bf4642e726bb6a303fe1b69238e2e973414cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP 142.250.74.74:0
GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://design.ctdesarrollo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 03:36:14 GMT
date: Fri, 27 Jan 2023 03:36:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2