jeranit.be/tmp/92.16.217.1494628/verificando/info
185.220.172.6 301 Moved Permanently 265 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 12098944dd0e50b286d3c4ada4722f70
SHA-1 606679a68c25e6d3f9bc8b30e4bd2302532b5049
SHA-256 c41acd841898e0d2253c83b553a7766d26b6bf0642c498ede094de181e85fc4b
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
location: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
content-length: 265
content-type: text/html; charset=iso-8859-1
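r3.o.lencr.org/ (OCSP certificate-status request made by the browser, as the application/ocsp-request content type shows; like the other r3.o.lencr.org entries on this page, it is not content served by the phishing host)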
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8716
Expires: Mon, 12 Dec 2022 10:19:29 GMT
Date: Mon, 12 Dec 2022 07:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4455
Expires: Mon, 12 Dec 2022 09:08:28 GMT
Date: Mon, 12 Dec 2022 07:54:13 GMT
Connection: keep-alive
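firefox.settings.services.mozilla.com/v1/ (Firefox's own background request to Mozilla's remote-settings service, not content loaded by the phishing page)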
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 07:33:40 GMT
content-type: application/json
age: 1233
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10642
Expires: Mon, 12 Dec 2022 10:51:35 GMT
Date: Mon, 12 Dec 2022 07:54:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HcE1g+lzxlo7ofSaQ05T0xd6lbBv/U2iCbOa35Tg+quq6RtxH18zKVh2wH3elWXus38ywRKslsw=
x-amz-request-id: YFA99CYY8EYQF8SW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 07:49:31 GMT
age: 282
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
jeranit.be/tmp/92.16.217.1494628/verificando/info/
185.220.172.6 200 OK 14 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (15236)
Hash MD5 c5a2e61291da99bfb82c53d78c5b0305
SHA-1 6f064de4bb133054354d3234a241ae7c326251e7
SHA-256 d097df0b40d60c15afdc564d90b625397d27ad2c08cfedc521db2eded8c83a8b
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/ HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "9b80-5ef9877b40e26-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13650
content-type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 07:54:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/017cf77fef
185.220.172.6 200 OK 57 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/017cf77fef
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with no line terminators
Hash 06dd80aeb628c60dc680bc7a4bee6651
8c86eb7ddff5e1e5d527bd7a41c9d3f6767e23e0
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/017cf77fef HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "39-5ef9877b4297e"
accept-ranges: bytes
content-length: 57
vary: User-Agent
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/nr-1071.min.js
185.220.172.6 200 OK 9.1 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/nr-1071.min.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (23651), with no line terminators
Hash ea7d98da6b8048d3c3905a1c8c7413f1
222c966ad76450aefe8c8e8575678dd7733696bc
1ea4b27f6a8e25490b451cd0f484bb5f7ccf7031175f28f74ee14024461eef6a
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/nr-1071.min.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "5c63-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9086
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/validations.js
185.220.172.6 200 OK 2.1 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/validations.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ISO-8859 text, with very long lines (441)
Hash a7a8423aec56fe8e71aee3d7d6487645
fa7a069c4580ac461c1bacd350c37603b258676c
4004f6c2340bd0f5c0cdafaba27fb43e1d6e45c21612d2eacf36c62dc8f35c98
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/validations.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "1b15-5ef9877b4314e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2058
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-validations.js
185.220.172.6 200 OK 269 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-validations.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
Hash 3cc7eee4a5d1d79f8ce08df701324e59
6ba1230754aa70396ee06646804cb33595b3a2e1
6d5b3aa10010dd8fbbcf7d7c391233f382e3576d682be73ce5af230b8d8ad4f8
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/jquery-validations.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "454-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 269
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery.validate-1.11.1.js
185.220.172.6 200 OK 7.0 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery.validate-1.11.1.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (2795)
Hash 279f420c7d0cdc8bdf7b726804196ac5
16ba522e5eb521c3b9f2795638dc1589cb5a4b75
c53e5b4058dc3a2944b29dec9968d4ef908e3fe247d67f108a1f6f93d484e842
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/jquery.validate-1.11.1.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "675b-5ef9877b42d66-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7024
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/blockKeys.js
185.220.172.6 200 OK 117 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/blockKeys.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
Hash 5e8511c97144f62125dff163f5602826
39de3e346fcbc0b8325a159604ddc50cae14dac6
078a085283f978267eeabf828914c6ad036159509bf45e4d024cebc770e62694
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/blockKeys.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "9c-5ef9877b4314e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 117
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery.jclock-min.js
185.220.172.6 200 OK 1.3 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery.jclock-min.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (2957)
Hash 38386ecedb25a2b73fa153a7242af2e8
3771e6f2c812b7af510f5b1d8693986b07b2f04d
c30176f7e71309c513407b9eabf3b97b7fb8a7fc80cadbcecdc47126af8a7c3a
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/jquery.jclock-min.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "c41-5ef9877b42d66-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1262
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-1.10.1.js
185.220.172.6 200 OK 41 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-1.10.1.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (1618)
Hash 4393c7755eaa416193014c23b5e419b2
9efaf24ac90dd5f73a3bb9ebcf0d554541c8b3bf
8ef3f6d167b63ebdf86799fab79153158d7ede1ff63bcc203f047a5d66ef384c
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/jquery-1.10.1.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "239c2-5ef9877b4314e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 41423
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/bootstrap.js
185.220.172.6 200 OK 8.5 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/bootstrap.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (415)
Hash 23cfec4ec6f4f8691e0b987872419b45
1bbfd843344613878c97f5f28db37014b46a1534
483316db597657235fecf8e8764621f9eeb0d08efe5a5ad914bfa4132e71e3cd
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/bootstrap.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "8d9a-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8466
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-ui.css
185.220.172.6 200 OK 6.1 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-ui.css
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (1363)
Hash bd9a12055e73def4b68b02ff05968453
c9f14ce2da1af9b9bf24e3e28370aa82b737c969
44d53a960eb1f73e758f4346c8c964cb68e04b4852b755c95a3a170384961be0
GET /tmp/92.16.217.1494628/verificando/info/Index_files/jquery-ui.css HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "7c88-5ef9877b42d66-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6121
content-type: text/css
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/rsa.js
185.220.172.6 200 OK 10 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/rsa.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (1826)
Hash 8b0503d6766749272510aabccfbbd9c0
09285a200345959982c96713067019876e27f993
ecd43b5c7e5f100d1d5af616fbb931fb5b79b61cee9b16f692c87fb7f6541f83
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/rsa.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "8821-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10097
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/AC_OETags.js
185.220.172.6 200 OK 1.6 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/AC_OETags.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (1427)
Hash 97b4f6224d6185f96c89fe0dca6c0359
d2d20e46e7c3059ac7c1541841509e59f192eb3b
81b6cc5f72dfabb009fcd40b02d1fec6d8759e9b5f1e0fc1767b3bcfb3da8a72
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/AC_OETags.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "138c-5ef9877b42596-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1581
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/json2.js
185.220.172.6 200 OK 1.4 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/json2.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (582)
Hash 9e42e390c9979adee54bc51d4bef9514
8b197c001f438b360a877ce0f82cacfe92bdb978
27f87f7d9a564a2c56d99d3151e213a990dfb754b463e1bfaf216c69c42ac078
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/json2.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "d7a-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1362
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/swfRSACookieFunc.js
185.220.172.6 200 OK 266 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/swfRSACookieFunc.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
Hash bb4edcf2cda014c4f17d1eac598d1773
25ec81e99e4b81afa83f28c1f48c24ef0c1b05dd
5fd25695075abbf7c62bdfa6d0d7f4ab32fefb16d0127b280d13522af60c77d2
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/swfRSACookieFunc.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "1fb-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 266
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/hashtable.js
185.220.172.6 200 OK 3.3 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/hashtable.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
Hash 380ad80d0aaf5f540be4d916ada06745
ed3bc501c52ab968180877cfdeff5a9d4a4d2209
998a41a64183adf1fb56c07315be41160165fadc713c949d33c8eb9e8e619be2
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/hashtable.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "3570-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3326
content-type: application/javascript
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/styles.css
185.220.172.6 200 OK 16 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/styles.css
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (360)
Hash 85cacd107ee1303f090d36055d8085c0
ed03975905192e2aff4bcf02c1d0be3000ffc6d0
37c8cc8a3ab8cd4e02032c71fd215f7438d0203f42e663591d1b545fff77dea8
GET /tmp/92.16.217.1494628/verificando/info/Index_files/styles.css HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "1a5c5-5ef9877b4297e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15727
content-type: text/css
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/bootstrap.css
185.220.172.6 200 OK 18 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/bootstrap.css
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type assembler source, ASCII text, with very long lines (540)
Hash 96ba750c4dbebf63ba9bd3c6e681ea42
8ca052b96a017efad70fb276b0bcdbb9ba87c0a2
ab5995b5dba5f7e558684e193a16bb83ba3ea7044ec277092016788b222df0d8
GET /tmp/92.16.217.1494628/verificando/info/Index_files/bootstrap.css HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "1d9c5-5ef9877b4314e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 18365
content-type: text/css
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/login_SVP_BC_zonaA.html
185.220.172.6 200 OK 813 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/login_SVP_BC_zonaA.html
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (338)
Hash d2217e17460d24c89015a19a80761df1
17a4e6b424095771374312c085773aac4909269a
c0f9649936f7692517f256062297921aee312354eb4aa63f5f1a2acb6329fd7f
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/login_SVP_BC_zonaA.html HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "521-5ef9877b42d66-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 813
content-type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 07:33:17 GMT
age: 1256
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
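monstat.com/BancolombiaPersonas.png?du=http%3A//jeranit.be/tmp/92.16.217.1494628/verificando/info/&dr=&rr=0.22026476470543221 (the du parameter is the URL-encoded address of the phishing page, so this request discloses the clone's location to monstat.com; it looks like a tracking call carried over from the copied page, which this capture does not confirm)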
40.69.200.41 404 Not Found 221 B URL HTTP/1.1 monstat.com/BancolombiaPersonas.png?du=http%3A//jeranit.be/tmp/92.16.217.1494628/verificando/info/&dr=&rr=0.22026476470543221
IP 40.69.200.41:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 992f1b3807b786dcc4a21068cd9f6e8d
a021904f02a6b2496440a8ba44424866c5647624
cb93a44812e970e7d3344943984006d41a06d0776e8da68a2ca9dfce9c6bf424
GET /BancolombiaPersonas.png?du=http%3A//jeranit.be/tmp/92.16.217.1494628/verificando/info/&dr=&rr=0.22026476470543221 HTTP/1.1
Host: monstat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/
HTTP/1.1 404 Not Found
Date: Mon, 12 Dec 2022 07:54:13 GMT
Server: Apache
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 221
Connection: close
Content-Type: text/html; charset=iso-8859-1
jeranit.be/tmp/92.16.217.1494628/verificando/info/fonts/iconfont/icon_font_bc.ttf?61jkgi
185.220.172.6 200 OK 7.3 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/fonts/iconfont/icon_font_bc.ttf?61jkgi
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icon_font_bc\012- data
Hash 084c293851b832e4f2c91de139224824
73bf4ed3ecb672c4dbb508ccdf346041e55c37b5
b566b824e0cc8957f98a867bb2bae37871f8d53150c8f7992e2345d6742812f8
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/fonts/iconfont/icon_font_bc.ttf?61jkgi HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/styles.css
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "357c-5ef9877b440ee-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
content-length: 7257
content-type: application/x-font-ttf
jeranit.be/tmp/92.16.217.1494628/verificando/info/fonts/opensans/OpenSans-Regular.ttf
185.220.172.6 404 Not Found 0 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/fonts/opensans/OpenSans-Regular.ttf
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/styles.css
HTTP/1.1 404 Not Found
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
x-powered-by: PHP/7.4.32
upgrade: h2,h2c
connection: Upgrade
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
jeranit.be/tmp/92.16.217.1494628/verificando/info/fonts/opensans/CIBFontSans-Light.ttf
185.220.172.6 404 Not Found 0 B URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/fonts/opensans/CIBFontSans-Light.ttf
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/fonts/opensans/CIBFontSans-Light.ttf HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/styles.css
HTTP/1.1 404 Not Found
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
x-powered-by: PHP/7.4.32
upgrade: h2,h2c
connection: Upgrade
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-ui.js
185.220.172.6 200 OK 15 kB URL HTTP/1.1 jeranit.be/tmp/92.16.217.1494628/verificando/info/Index_files/jquery-ui.js
IP 185.220.172.6:0
ASN #206281 Stichting DIGI NL
File type ASCII text, with very long lines (1952)
Hash 654b8ab88c32ec4828c732ca8b44e07e
71d2dcc42288fbddd9716d06f89845a82764354e
b6b2f9a1476aa28f901dc595eeb7e2978322ce81c4199ffe4df366f315660b09
Analyzer Verdict Alert fortinet Phishing
GET /tmp/92.16.217.1494628/verificando/info/Index_files/jquery-ui.js HTTP/1.1
Host: jeranit.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/tmp/92.16.217.1494628/verificando/info/
HTTP/1.1 200 OK
date: Mon, 12 Dec 2022 07:54:13 GMT
server: Apache/2
upgrade: h2,h2c
connection: Upgrade
last-modified: Mon, 12 Dec 2022 02:43:25 GMT
etag: "37c7e-5ef9877b42d66-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 60862
content-type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6e3f8d4746a504538feb23cb945c23b6
4b0b909d7eedbd454f1fd7b29d68d04bc33d3364
888b42c52a423769c8de9e5027b4c0e87b7975c1830b12bc222109046cb6d4b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2862
Cache-Control: max-age=151247
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 07:54:14 GMT
Etag: "63967ec7-1d7"
Expires: Wed, 14 Dec 2022 01:55:01 GMT
Last-Modified: Mon, 12 Dec 2022 01:07:19 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 471
sucursalpersonas.transaccionesbancolombia.com/mua/images/icons/icon-user.png
162.159.255.116 200 OK 447 B URL HTTP/2 sucursalpersonas.transaccionesbancolombia.com/mua/images/icons/icon-user.png
IP 162.159.255.116:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e3457ed5ea858d1e9287ef66dcbbfe4
006c99b62e141ebbc69f6e06cab757995d3f7417
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83
GET /mua/images/icons/icon-user.png HTTP/1.1
Host: sucursalpersonas.transaccionesbancolombia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jeranit.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 07:54:14 GMT
content-type: image/png
content-length: 447
x-frame-options: sameorigin, sameorigin, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 27 Apr 2021 13:04:03 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-content-security-policy: default-src 'self';
content-security-policy: default-src 'self'; script-src 'self' https://cdn.siftscience.com *.medallia.com *.kampyle.com https://checkout.wompi.co https://www.google.com *.googleapis.com api.segment.io *.segment.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.medallia.com *.kampyle.com api.segment.io *.segment.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com *.medallia.com *.kampyle.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' *.medallia.com *.kampyle.com 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net 
https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co *.medallia.com *.kampyle.com https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.visualforce.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
access-control-allow-origin: https://c.na7.visual.fo.todo1.com
cf-cache-status: HIT
age: 1601
expires: Mon, 12 Dec 2022 11:54:14 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=qk8kttIW9PAJb1A.9S9Qhs5s5nNCeKJYoAL4_YF2po8-1670831654-0-ARu+bYt81IHwDuTfZ862VE0vY5qSJBCtTQ1OJyYkIVj61ybnHnqpvgu5uQ8u6EEL7Nu+UPhINdiJGVwpxuXq0DU=; path=/; expires=Mon, 12-Dec-22 08:24:14 GMT; domain=.transaccionesbancolombia.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7784e40de8ab23fb-LHR
X-Firefox-Spdy: h2
sucursalpersonas.transaccionesbancolombia.com/mua/static/imgPublicidad.jpg
162.159.255.116 200 OK 53 kB URL HTTP/2 sucursalpersonas.transaccionesbancolombia.com/mua/static/imgPublicidad.jpg
IP 162.159.255.116:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 627x327, components 3\012- data
Hash 46ae51e0d163cbd8aa58e4220c486c6a
30ba07fd9a7f783a95aceb698d82798e872fb696
140831642d0b00aca04e0ce36d32207a7fb74ff0c9dcf3a4985acb88c4937a91
GET /mua/static/imgPublicidad.jpg HTTP/1.1
Host: sucursalpersonas.transaccionesbancolombia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jeranit.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 07:54:14 GMT
content-type: image/jpeg
content-length: 52567
access-control-allow-origin: https://c.na7.visual.fo.todo1.com
cf-bgj: h2pri
content-security-policy: default-src 'self'; script-src 'self' https://cdn.siftscience.com *.medallia.com *.kampyle.com https://checkout.wompi.co https://www.google.com *.googleapis.com api.segment.io *.segment.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.medallia.com *.kampyle.com api.segment.io *.segment.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com *.medallia.com *.kampyle.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' *.medallia.com *.kampyle.com 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net 
https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co *.medallia.com *.kampyle.com https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.visualforce.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
last-modified: Fri, 04 Nov 2022 16:21:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-security-policy: default-src 'self';
x-content-type-options: nosniff
x-frame-options: sameorigin, sameorigin, SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5373
expires: Mon, 12 Dec 2022 11:54:14 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=MZ1v.aM3t.zM5aOjdUVJMhtrDmS_59cVccaqaJ9vNNA-1670831654-0-ASyTHiPFrP6o+rpNRZl99LSvfg0TCI6E+KMCoT9XRj/ScVZZKxBze8lrh/4RxTJd2zmJA0Ykw3wlPgaT8cZzNcQ=; path=/; expires=Mon, 12-Dec-22 08:24:14 GMT; domain=.transaccionesbancolombia.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7784e40e08c223fb-LHR
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 100
Cache-Control: max-age=90862
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 07:54:14 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 09:08:36 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6e3f8d4746a504538feb23cb945c23b6
4b0b909d7eedbd454f1fd7b29d68d04bc33d3364
888b42c52a423769c8de9e5027b4c0e87b7975c1830b12bc222109046cb6d4b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148385
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 07:54:14 GMT
Etag: "63967ec7-1d7"
Expires: Wed, 14 Dec 2022 01:07:19 GMT
Last-Modified: Mon, 12 Dec 2022 01:07:19 GMT
Server: nginx
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Mon, 12 Dec 2022 06:13:50 GMT
Expires: Mon, 12 Dec 2022 08:13:50 GMT
Cache-Control: public, max-age=7200
Age: 6024
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.google-analytics.com/r/collect?v=1&_v=j66&a=1328661452&t=pageview&_s=1&dl=http%3A%2F%2Fjeranit.be%2Ftmp%2F92.16.217.1494628%2Fverificando%2Finfo%2FIndex_files%2Flogin_SVP_BC_zonaA.html&ul=en-us&de=UTF-8&dt=Sucursal%20Virtual%20Personas%20-%20Zona%20A%20-%20Login&sd=24-bit&sr=1280x1024&vp=749x352&je=0&_u=IEBAAEAB~&jid=1646818308&gjid=1811655222&cid=1599821949.1670831652&tid=UA-65546126-1&_gid=413849794.1670831652&_r=1&z=1616950293
142.250.74.14 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/collect?v=1&_v=j66&a=1328661452&t=pageview&_s=1&dl=http%3A%2F%2Fjeranit.be%2Ftmp%2F92.16.217.1494628%2Fverificando%2Finfo%2FIndex_files%2Flogin_SVP_BC_zonaA.html&ul=en-us&de=UTF-8&dt=Sucursal%20Virtual%20Personas%20-%20Zona%20A%20-%20Login&sd=24-bit&sr=1280x1024&vp=749x352&je=0&_u=IEBAAEAB~&jid=1646818308&gjid=1811655222&cid=1599821949.1670831652&tid=UA-65546126-1&_gid=413849794.1670831652&_r=1&z=1616950293
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&_v=j66&a=1328661452&t=pageview&_s=1&dl=http%3A%2F%2Fjeranit.be%2Ftmp%2F92.16.217.1494628%2Fverificando%2Finfo%2FIndex_files%2Flogin_SVP_BC_zonaA.html&ul=en-us&de=UTF-8&dt=Sucursal%20Virtual%20Personas%20-%20Zona%20A%20-%20Login&sd=24-bit&sr=1280x1024&vp=749x352&je=0&_u=IEBAAEAB~&jid=1646818308&gjid=1811655222&cid=1599821949.1670831652&tid=UA-65546126-1&_gid=413849794.1670831652&_r=1&z=1616950293 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jeranit.be/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 07:54:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
sucursalpersonas.transaccionesbancolombia.com/mua/images/logo.svg
162.159.255.116 200 OK 2.5 kB URL HTTP/2 sucursalpersonas.transaccionesbancolombia.com/mua/images/logo.svg
IP 162.159.255.116:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (667)
Hash 62a1fa9f1bf2d0c03f55190cb282e725
d11660bbf60e4f009386849499e3fbed5a9b8ae2
41d3f89156bc151716e24ec8943dc961f2e4b7306aa94db1357a42ad1ff164b5
GET /mua/images/logo.svg HTTP/1.1
Host: sucursalpersonas.transaccionesbancolombia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jeranit.be/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 07:54:14 GMT
content-type: image/svg+xml
x-frame-options: sameorigin, sameorigin, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 27 Apr 2021 13:04:03 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-content-security-policy: default-src 'self';
content-security-policy: default-src 'self'; script-src 'self' https://cdn.siftscience.com *.medallia.com *.kampyle.com https://checkout.wompi.co https://www.google.com *.googleapis.com api.segment.io *.segment.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.medallia.com *.kampyle.com api.segment.io *.segment.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com *.medallia.com *.kampyle.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' *.medallia.com *.kampyle.com 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net 
https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co *.medallia.com *.kampyle.com https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.visualforce.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
access-control-allow-origin: https://c.na7.visual.fo.todo1.com
cf-cache-status: HIT
age: 1601
expires: Mon, 12 Dec 2022 11:54:14 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=sl5gFdQXoWQtPSSYluIPRKYoANTDL6YTVVITv7Di5BQ-1670831654-0-AaJSY6i6LJdzNngm3djsu+Ovq24NR8j4yYil3m1Y5uzOdvpSL5HJNhcEoAo/YBVAa0a6ruSkKteEPaDBxkR2Evk=; path=/; expires=Mon, 12-Dec-22 08:24:14 GMT; domain=.transaccionesbancolombia.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7784e40e894a23fb-LHR
content-encoding: gzip
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1071.min.js
151.101.194.137 200 OK 9.1 kB URL HTTP/2 js-agent.newrelic.com/nr-1071.min.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (23651), with no line terminators
Hash ea7d98da6b8048d3c3905a1c8c7413f1
222c966ad76450aefe8c8e8575678dd7733696bc
1ea4b27f6a8e25490b451cd0f484bb5f7ccf7031175f28f74ee14024461eef6a
GET /nr-1071.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jeranit.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TDQGaVamYM1k5Ib0WsFvThEc6kO3q23ZYAIRKLHQ8BntWl2VZ63nlTNHRjb2ks000rhVim24M/c=
x-amz-request-id: RRKKTM8ZSEDY9ANS
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
etag: "a1a545c95f313a230157b47dca555c25"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 12 Dec 2022 07:54:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 96
x-timer: S1670831654.371368,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 9086
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.52.254 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gUikOhRWk94dfW14zEF2fQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b4e/ArdB0GFi48wQ6ShH/Zsl1ik=
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 110e2f3f2b3b9f8bca77eeb4fb4e5cdb
8da8cd9c8f1ea386cc44e04c762da66ffe59fe0c
c66170116aefa5191bb9aad2717f9b54282689e28c1edff106a10e7f466d1753
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5137
Cache-Control: max-age=144150
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 07:54:14 GMT
Etag: "63965a2b-1d7"
Expires: Tue, 13 Dec 2022 23:56:44 GMT
Last-Modified: Sun, 11 Dec 2022 22:31:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/017cf77fef?a=33598753&v=1071.385e752&to=YAFQY0VZWkFTAUcPX1lLYUdFUVpVcQ1dEkJYCF5SRRdhYXcwE053cjAb&rst=1294&ref=http://jeranit.be/tmp/92.16.217.1494628/verificando/info/&ap=5&be=578&fe=1135&dc=858&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1670831651342,%22n%22:0,%22r%22:-5,%22re%22:281,%22f%22:281,%22dn%22:281,%22dne%22:281,%22c%22:281,%22ce%22:281,%22rq%22:290,%22rp%22:325,%22rpe%22:326,%22dl%22:387,%22di%22:749,%22ds%22:857,%22de%22:880,%22dc%22:1134,%22l%22:1134,%22le%22:1141%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&jsonp=NREUM.setToken
162.247.241.14 200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/017cf77fef?a=33598753&v=1071.385e752&to=YAFQY0VZWkFTAUcPX1lLYUdFUVpVcQ1dEkJYCF5SRRdhYXcwE053cjAb&rst=1294&ref=http://jeranit.be/tmp/92.16.217.1494628/verificando/info/&ap=5&be=578&fe=1135&dc=858&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1670831651342,%22n%22:0,%22r%22:-5,%22re%22:281,%22f%22:281,%22dn%22:281,%22dne%22:281,%22c%22:281,%22ce%22:281,%22rq%22:290,%22rp%22:325,%22rpe%22:326,%22dl%22:387,%22di%22:749,%22ds%22:857,%22de%22:880,%22dc%22:1134,%22l%22:1134,%22le%22:1141%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/017cf77fef?a=33598753&v=1071.385e752&to=YAFQY0VZWkFTAUcPX1lLYUdFUVpVcQ1dEkJYCF5SRRdhYXcwE053cjAb&rst=1294&ref=http://jeranit.be/tmp/92.16.217.1494628/verificando/info/&ap=5&be=578&fe=1135&dc=858&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1670831651342,%22n%22:0,%22r%22:-5,%22re%22:281,%22f%22:281,%22dn%22:281,%22dne%22:281,%22c%22:281,%22ce%22:281,%22rq%22:290,%22rp%22:325,%22rpe%22:326,%22dl%22:387,%22di%22:749,%22ds%22:857,%22de%22:880,%22dc%22:1134,%22l%22:1134,%22le%22:1141%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jeranit.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 07:54:14 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7784e410bc931c16-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=2ae6ce3516402b9d; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16952
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 07:54:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16952
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 07:54:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16952
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 07:54:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16952
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 07:54:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: amWbF9zOStURk7mvKoCOs0babDMecP7hOWzf4Hrn8RGThFiqv-_elg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
age: 35660
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4418c2ea-4d6b-42e4-b986-77cd48499c65.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4418c2ea-4d6b-42e4-b986-77cd48499c65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 665db2974528174adf4da45c9e4b15c5
bc5da80d2b23ecd8cb1dc0f343cd70cac5229f93
6ac19de84424ab4d05b265c486d04e060b961c5acc566265d63639e8f3e9bac3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4418c2ea-4d6b-42e4-b986-77cd48499c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8894
x-amzn-requestid: 6c1e691c-7512-45af-a72f-640c769e4e18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuHSGoAMFdJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-57aef859427d9cca66bb2799;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WarTF-L4qx_MgfnGaoVBnOe4PIKxCRjqgWdVg0ZhEeMsEaxMNBMDRg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "bc5da80d2b23ecd8cb1dc0f343cd70cac5229f93"
content-type: image/jpeg
age: 35796
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
age: 35796
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bgmOsF49y9d_oDWjQxm7toxsydgt9HBKZunUbe-BZfSmdfJ7q0Jo3A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:52:33 GMT
age: 36102
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SBYH2ZqOyZx6tB8u3g3dkimaCUGSWAMQhULpYs4gWrmZ6i3_1Br_zQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
age: 35796
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kbfjvh64NjCUE-e-3z7W58vyJMisRwERUV_W99jn3vrErY4bF1SFsg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:58:39 GMT
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
age: 35736
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2