bancavirtual34.bancavirtual34.repl.co/formsecurity.php
34.149.204.188 308 Permanent Redirect 98 B URL HTTP/1.1 bancavirtual34.bancavirtual34.repl.co/formsecurity.php
IP 34.149.204.188:0
File type HTML document, ASCII text
Hash a8da8111d99562b8c7e2d29c26d897a4
0f0023f530931f37a4e784071f5f8d24f04f0dee
dd5b380f93d62691a77e66a3e9d6a64d9dcae61c91ece7048e1c6ce873afc460
Analyzer Verdict Alert openphish Scotiabank
GET /formsecurity.php HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Location: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Replit-Cluster: global
Date: Wed, 08 Feb 2023 05:24:26 GMT
Content-Length: 98
Via: 1.1 google
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5279
Expires: Wed, 08 Feb 2023 06:52:25 GMT
Date: Wed, 08 Feb 2023 05:24:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2412
Expires: Wed, 08 Feb 2023 06:04:38 GMT
Date: Wed, 08 Feb 2023 05:24:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16220
Expires: Wed, 08 Feb 2023 09:54:46 GMT
Date: Wed, 08 Feb 2023 05:24:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 04:34:12 GMT
content-type: application/json
age: 3014
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6ZCgb2rosA8zhCJxariscIFbMTlpXRfNYahxDqr4s5scaxx/L+NsHrdHLOWVJ9LgHy3aI2wGCsg=
x-amz-request-id: AKN8R7B5YQSJDYMP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 04:45:50 GMT
age: 2316
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 05:24:26 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9c9f00dba9b308cdd59a881153182b2
afe27e77e58e76cac69d4bbac19614d008be9c2e
836e56be4c0034ebe24cddf30a8d50ac8b8cd96e99ba6e896b45369b4c0c8075
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "836E56BE4C0034EBE24CDDF30A8D50AC8B8CD96E99BA6E896B45369B4C0C8075"
Last-Modified: Wed, 08 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 11:24:26 GMT
Date: Wed, 08 Feb 2023 05:24:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 04:51:20 GMT
age: 1986
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5627
Expires: Wed, 08 Feb 2023 06:58:14 GMT
Date: Wed, 08 Feb 2023 05:24:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 05:24:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-T28RDJS
142.250.74.168 200 OK 69 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T28RDJS
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (54816)
Hash affdc214cbecc44a0ddabc518addcdd4
17d300f987210e01c564fc7da98b7f3fdb909095
40cba943365c5ce8a24ec8e018c459404edf2099221b0be42bb83823f1ac2550
GET /gtm.js?id=GTM-T28RDJS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 05:24:27 GMT
expires: Wed, 08 Feb 2023 05:24:27 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 05:24:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.160.122.190 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.122.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QXuwLW7RJa263lnbqs2Ecw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QoB78hRj26z7RVMz6akIEz+YMdc=
bancavirtual34.bancavirtual34.repl.co/M_files/136231996928353
34.149.204.188 404 Not Found 556 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/136231996928353
IP 34.149.204.188:0
File type HTML document text; exported SGML document, ASCII text
Hash 46632c9ec0b093a80e10bacb32c0922d
af98ebdb4f0c167b82c7ea0cd585e5771e5969b6
dd094b7dd46406aa4d7df7ee4d1f1093519f6c4c25eb7f722db93048c1434402
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/136231996928353 HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:27 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 556
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/fbevents.js.descarga
34.149.204.188 404 Not Found 561 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/fbevents.js.descarga
IP 34.149.204.188:0
File type HTML document text; exported SGML document, ASCII text
Hash b226c6d41da6bc42bd7f524b2a87dbb8
82220cd119af3d4137bf1ccf34e676545b04c51a
7076f01c8f97e5c026f1e07bd6f1e329be3a52e7593b43264369b5cfd3f9ee10
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/fbevents.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:27 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 561
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/fpd2.js.descarga
34.149.204.188 404 Not Found 557 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/fpd2.js.descarga
IP 34.149.204.188:0
File type HTML document text; exported SGML document, ASCII text
Hash db203b0abe91c5bb2409c449bc33c07b
cf6e9af36f3a7b149f3c2079f22849056bf4a0c2
bce6d1a5b4df799444336493d58d745df4d97dd50643250b36016439730e0995
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/fpd2.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:27 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 557
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/analytics.js.descarga
34.149.204.188 200 OK 46 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/analytics.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (1350)
Hash 871c39943ac31c498d591a714a31212c
1d9ff3e3db5eb5293de06df5726f6058f07d98de
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/analytics.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 05:24:27 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 45958
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/styles.4cae5a1b74c52d656054.css
34.149.204.188 200 OK 76 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/styles.4cae5a1b74c52d656054.css
IP 34.149.204.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2f59353436ef48e8bb6e1ad4a499eb0e
3f2993d57a9892cbdc672d9494b3fcc645b1f94b
2cfe17fce9fa1f7c194ab9696c53286f22ccab881fa0faa0e65d7dae582e8226
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/styles.4cae5a1b74c52d656054.css HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:27 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 76212
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/js
34.149.204.188 200 OK 125 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/js
IP 34.149.204.188:0
File type ASCII text, with very long lines (2102)
Size 125 kB (124736 bytes)
Hash 3bcca5e497274cc92f0383ef7848c6f2
1e39125188f65f5911d739240cd3572f980549f2
f6277602d0fa9d4c989818f6bf4c49f802e53e30baccd839ada2ddd306518bf3
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/js HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 05:24:27 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 124736
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/seguridad_files/5.ed9471278e13c974656c.js.descarga
34.149.204.188 404 Not Found 583 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/seguridad_files/5.ed9471278e13c974656c.js.descarga
IP 34.149.204.188:0
File type HTML document text; exported SGML document, ASCII text
Hash 32e9a6fc78a8579dce6f6ebf91c636a8
5de95536084283f38892351875c331df71898eb4
79bcb337d91d6ddf05ba4166c3845c2a8022e018cf60bc12ebc96eff13274a43
Analyzer Verdict Alert openphish Scotiabank
GET /seguridad_files/5.ed9471278e13c974656c.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 583
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/seguridad_files/1.5abf7b8ed07cbd2f8feb.js.descarga
34.149.204.188 404 Not Found 583 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/seguridad_files/1.5abf7b8ed07cbd2f8feb.js.descarga
IP 34.149.204.188:0
File type HTML document text; exported SGML document, ASCII text
Hash 851aaa6ea7b787c0a985fc3083610275
55a7b332098d32306dc7a05f585952082df44e91
10841b9122075a3ec7aea4785ee40c3c330d45784f61f6dcbd4a554d0d84523b
Analyzer Verdict Alert openphish Scotiabank
GET /seguridad_files/1.5abf7b8ed07cbd2f8feb.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 583
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/runtime.4dafd9dfda278a00d466.js.descarga
34.149.204.188 404 Not Found 581 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/runtime.4dafd9dfda278a00d466.js.descarga
IP 34.149.204.188:0
File type HTML document text; exported SGML document, ASCII text
Hash 3e49e674e94b92e8009b8a8fa06f55a4
ba4b364e2c95e4b2222db0f02dceb745dcf64a86
165ce194282ed0436e50a5c1d23cf19b3d28fed727c6bbfc97c010fbafa7aff4
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/runtime.4dafd9dfda278a00d466.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 581
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/symbol-red.svg
34.149.204.188 200 OK 2.6 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/symbol-red.svg
IP 34.149.204.188:0
File type SVG Scalable Vector Graphics image; HTML document, ASCII text, with very long lines (1898)
Hash b7f91f845629dfc1021cc4bad4450b27
7e41c835f335539c41303fb9db622e34f69d741d
192acd11e276a8a6131abbf54aa56e6563eaf3203ea4b7394ad2c88227e358b8
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/symbol-red.svg HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 2556
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-DLPT7Q2WK0&gtm=45je3260&_p=1044037321&_gaz=1&cid=1011498913.1675833920&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675833920&sct=1&seg=0&dl=https%3A%2F%2Fbancavirtual34.bancavirtual34.repl.co%2Fformsecurity.php&dt=Scotiabank%20Colpatria%20%7C%20Banca%20virtual&uid=undefined&en=page_view&_fv=1&_nsi=1&_ss=2
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-DLPT7Q2WK0&gtm=45je3260&_p=1044037321&_gaz=1&cid=1011498913.1675833920&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675833920&sct=1&seg=0&dl=https%3A%2F%2Fbancavirtual34.bancavirtual34.repl.co%2Fformsecurity.php&dt=Scotiabank%20Colpatria%20%7C%20Banca%20virtual&uid=undefined&en=page_view&_fv=1&_nsi=1&_ss=2
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DLPT7Q2WK0&gtm=45je3260&_p=1044037321&_gaz=1&cid=1011498913.1675833920&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675833920&sct=1&seg=0&dl=https%3A%2F%2Fbancavirtual34.bancavirtual34.repl.co%2Fformsecurity.php&dt=Scotiabank%20Colpatria%20%7C%20Banca%20virtual&uid=undefined&en=page_view&_fv=1&_nsi=1&_ss=2 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bancavirtual34.bancavirtual34.repl.co
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://bancavirtual34.bancavirtual34.repl.co
date: Wed, 08 Feb 2023 05:24:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/polyfills.b31d5f0d61f1caf2d082.js.descarga
34.149.204.188 404 Not Found 583 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/polyfills.b31d5f0d61f1caf2d082.js.descarga
IP 34.149.204.188:0
File type HTML document text; exported SGML document, ASCII text
Hash bc804a2caa8e37f8f00dba44ed4ac921
9b37a395cfcd7c31328ea2bde55923e5dff00179
e587ab7190e8ea969b74cdc75574c20d2efaecc0b9ac643061e36fa7aac3f518
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/polyfills.b31d5f0d61f1caf2d082.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 583
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 05:24:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-DLPT7Q2WK0&cid=1011498913.1675833920&gtm=45je3260&aip=1&uid=undefined
64.233.164.156 204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-DLPT7Q2WK0&cid=1011498913.1675833920&gtm=45je3260&aip=1&uid=undefined
IP 64.233.164.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DLPT7Q2WK0&cid=1011498913.1675833920&gtm=45je3260&aip=1&uid=undefined HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bancavirtual34.bancavirtual34.repl.co
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://bancavirtual34.bancavirtual34.repl.co
date: Wed, 08 Feb 2023 05:24:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/entrust.png
34.149.204.188 200 OK 3.3 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/entrust.png
IP 34.149.204.188:0
File type PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash 2aa528af16b6e49929884f8d6977fd04
704cdbbe14e8fc5f563588a9fe19ae9f25624911
74176684708ef45ced6533dcc528f363ea07756260d1025506e754370050346e
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/entrust.png HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 3301
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/red%20virtual.svg
34.149.204.188 200 OK 12 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/red%20virtual.svg
IP 34.149.204.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2233)
Hash 390b47a563375fde47578592524018c3
dfe7e6362e82d43c9c1c05921691a3c44ffc5e60
2933c5c27784b1869ba9534af1f8ebd72d151dd5a7e581b588d5a36406c8956e
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/red%20virtual.svg HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 11925
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/seguridad_files/5.ed9471278e13c974656c.js.descarga
34.149.204.188 404 Not Found 583 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/seguridad_files/5.ed9471278e13c974656c.js.descarga
IP 34.149.204.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 32e9a6fc78a8579dce6f6ebf91c636a8
5de95536084283f38892351875c331df71898eb4
79bcb337d91d6ddf05ba4166c3845c2a8022e018cf60bc12ebc96eff13274a43
Analyzer Verdict Alert openphish Scotiabank
GET /seguridad_files/5.ed9471278e13c974656c.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759143; includeSubDomains
content-length: 583
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/runtime.4dafd9dfda278a00d466.js.descarga
34.149.204.188 404 Not Found 581 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/runtime.4dafd9dfda278a00d466.js.descarga
IP 34.149.204.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3e49e674e94b92e8009b8a8fa06f55a4
ba4b364e2c95e4b2222db0f02dceb745dcf64a86
165ce194282ed0436e50a5c1d23cf19b3d28fed727c6bbfc97c010fbafa7aff4
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/runtime.4dafd9dfda278a00d466.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759143; includeSubDomains
content-length: 581
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/gtm.js.descarga
34.149.204.188 200 OK 211 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/gtm.js.descarga
IP 34.149.204.188:0
File type Unicode text, UTF-8 text, with very long lines (855)
Size 211 kB (210992 bytes)
Hash ca6484d2ad9d44cdb0cea01681ed1cf0
6ca9f6995692372e3ec76623af316b8958f6ba75
3ae13c4fbf51e8abefb8a4f05d19e017b457abce8bd1b22cd7871478fcccce99
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/gtm.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 05:24:27 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 210992
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6853
Expires: Wed, 08 Feb 2023 07:18:41 GMT
Date: Wed, 08 Feb 2023 05:24:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mujn0m9G4SIcD-5qZiD5kaYHg8x3rDtx-jYus-hrWFx_UjWEMNM_Tw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 06:48:36 GMT
age: 81352
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qfHMhMAdnYcOa0Xm23enTGXj4CQC-QFHV50Pq6QQdvM5YcIgUZVPRQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:36 GMT
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
age: 26992
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbe359ce6fb136add75c8f3d3cc06330
e6584afcf39b6fad21eccbcce95c6645b8e1b3b8
29478bf1b8168dc457bb7d298448a78e1040bd3aa80cbf11cfa37475568590d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: d1ddb47f-3472-4015-8d55-72f435671f03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSPHiroAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070da-114975440d70915472cdba2f;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0w6JgtsKSRHLPJ3LyY6YUI8N7PS-gVlLuivQUq9jdyeYYm3STiJJIQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:34:33 GMT
age: 2995
etag: "e6584afcf39b6fad21eccbcce95c6645b8e1b3b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iIQAy6CQSvnvQ79UJ6ifJbs-0kEqUYe8OyCqPb2HSKxoDoLykOyaLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:28 GMT
age: 27120
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: ef7a879d-25be-42b0-a5c5-df6ad8f1482c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_R2FFv5IAMFZ7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c9c0-2f8fa7ef41b70de04cfb5ac6;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:59:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JxJrYYY7fMm_DCBcuC4OEdR62HL5VMvJbt_a6TWp4QfqN0qxgFgj-A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:50 GMT
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
age: 26258
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:35 GMT
age: 27113
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/FrutigerLTforBNS-Light.fd1c0f449fc8540f82c4.woff2
34.149.204.188 200 OK 24 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/FrutigerLTforBNS-Light.fd1c0f449fc8540f82c4.woff2
IP 34.149.204.188:0
File type Web Open Font Format (Version 2), TrueType, length 23716, version 1.13107\012- data
Hash fd1c0f449fc8540f82c47e1629cbd5dd
147b4ddff7e0110b1185f0e35ca2e11fc09d9fa0
e1f8e67d54b287369f8fb000d14af4ea5ea2da8519ffae2e04f4be83d3af9141
Analyzer Verdict Alert openphish Scotiabank
GET /FrutigerLTforBNS-Light.fd1c0f449fc8540f82c4.woff2 HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759143; includeSubDomains
content-length: 23716
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/FrutigerLTforBNS-Bold.8424a042624210828b0f.woff2
34.149.204.188 200 OK 24 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/FrutigerLTforBNS-Bold.8424a042624210828b0f.woff2
IP 34.149.204.188:0
File type Web Open Font Format (Version 2), TrueType, length 23992, version 1.13107\012- data
Hash 8424a042624210828b0fbe7a8c533b2a
d2d90e7b6c6fac1b0a78f16eee3889ef50414044
d1e87295d125e7f5f258383b2e35751dbec33675f7ac6ebcb7570ede83413ba6
Analyzer Verdict Alert openphish Scotiabank
GET /FrutigerLTforBNS-Bold.8424a042624210828b0f.woff2 HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759143; includeSubDomains
content-length: 23992
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/polyfills.b31d5f0d61f1caf2d082.js.descarga
34.149.204.188 404 Not Found 583 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/polyfills.b31d5f0d61f1caf2d082.js.descarga
IP 34.149.204.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bc804a2caa8e37f8f00dba44ed4ac921
9b37a395cfcd7c31328ea2bde55923e5dff00179
e587ab7190e8ea969b74cdc75574c20d2efaecc0b9ac643061e36fa7aac3f518
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/polyfills.b31d5f0d61f1caf2d082.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759143; includeSubDomains
content-length: 583
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/oficina.svg
34.149.204.188 200 OK 161 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/oficina.svg
IP 34.149.204.188:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64508)
Size 161 kB (161274 bytes)
Hash 498496cd013385a8c0dfd09559d3036c
a1ff8193ab6c607de71940f1a66238a706681ffa
21556881d83678dd614d24528f68aeb543cc08b01e948a33913fb5390dd833af
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/oficina.svg HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-length: 161274
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 05:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c0251492cae08969a77cc1f8b4fa25e5
110161e230f81ac3a954dc1d5114c7401c1ecd93
6483e465b117e6af3950e659d8692acc4bb38f60c7dc312ec8c6824ac5f000ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 872
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 05:24:30 GMT
Last-Modified: Wed, 08 Feb 2023 05:09:59 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLPT7Q2WK0&cid=1011498913.1675833920&gtm=45je3260&aip=1&uid=undefined&z=302217505
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLPT7Q2WK0&cid=1011498913.1675833920&gtm=45je3260&aip=1&uid=undefined&z=302217505
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLPT7Q2WK0&cid=1011498913.1675833920&gtm=45je3260&aip=1&uid=undefined&z=302217505 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 05:24:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 05:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.221.16 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9uVP+GzgnCUUO2qe5jKJWhxxLh9OQFjksEG9QXg4fBpbGz3SScLjl8FYkSjgHE8jPa7tzo4daVrnSJw+SzadIA==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Wed, 08 Feb 2023 05:24:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c0251492cae08969a77cc1f8b4fa25e5
110161e230f81ac3a954dc1d5114c7401c1ecd93
6483e465b117e6af3950e659d8692acc4bb38f60c7dc312ec8c6824ac5f000ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 872
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 05:24:30 GMT
Last-Modified: Wed, 08 Feb 2023 05:09:59 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
bancavirtual34.bancavirtual34.repl.co/M_files/favicon.ico
34.149.204.188 200 OK 16 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/favicon.ico
IP 34.149.204.188:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash d809c2fbf53f07f4cd360b40104e3e34
4e49e3e73a218b180817ca30e677e095b35c7283
fe40e89bbfd0f07f717648028b9683f75944795160154613862773353316b2aa
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/favicon.ico HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
date: Wed, 08 Feb 2023 05:24:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759141; includeSubDomains
content-length: 16446
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/M_files/main.bfc149b668eb5562f4a5.js.descarga
34.149.204.188 200 OK 922 kB URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/M_files/main.bfc149b668eb5562f4a5.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 922 kB (921461 bytes)
Hash aef85a370b1bee2ca018fff09dd71356
dcd442017b378521f9e99b0294e8b8466de68855
c6e6588dfc9001a26563251079ee0c9af5749316eb5adfe3a2b08ddaf6e34954
Analyzer Verdict Alert openphish Scotiabank
GET /M_files/main.bfc149b668eb5562f4a5.js.descarga HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/formsecurity.php
Cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; _ga_DLPT7Q2WK0=GS1.1.1675833920.1.0.1675833920.60.0.0; _ga=GA1.1.1011498913.1675833920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 05:24:28 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7759144; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 921461
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=136231996928353&ev=PageView&dl=https%3A%2F%2Fbancavirtual34.bancavirtual34.repl.co%2Fformsecurity.php&rl=&if=false&ts=1675833923865&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1675833923864.445610864&it=1675833923159&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=136231996928353&ev=PageView&dl=https%3A%2F%2Fbancavirtual34.bancavirtual34.repl.co%2Fformsecurity.php&rl=&if=false&ts=1675833923865&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1675833923864.445610864&it=1675833923159&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=136231996928353&ev=PageView&dl=https%3A%2F%2Fbancavirtual34.bancavirtual34.repl.co%2Fformsecurity.php&rl=&if=false&ts=1675833923865&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1675833923864.445610864&it=1675833923159&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bancavirtual34.bancavirtual34.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Feb 2023 05:24:30 GMT
X-Firefox-Spdy: h2
bancavirtual34.bancavirtual34.repl.co/formsecurity.php
34.149.204.188 200 OK 0 B URL HTTP/2 bancavirtual34.bancavirtual34.repl.co/formsecurity.php
IP 34.149.204.188:0
Analyzer Verdict Alert openphish Scotiabank
GET /formsecurity.php HTTP/1.1
Host: bancavirtual34.bancavirtual34.repl.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 05:24:26 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
replit-cluster: global
set-cookie: PHPSESSID=0f06f453d1ee66439e5d6cdc003ecaf8; path=/
strict-transport-security: max-age=7759145; includeSubDomains
x-powered-by: PHP/7.4.21
X-Firefox-Spdy: h2