Overview

URL: gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
IP: 34.149.204.188
ASN: GOOGLE
Location: United States
Report completed: 2022-09-14 21:52:18 UTC
urlquery Alerts: No alerts detected


Settings

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer: (none)


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html Banco Galicia
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html Banco Galicia
(The login page appears twice here and in the Fortinet list below because it was requested twice in this session: first over plain HTTP, which the host answered with a 308 to the HTTPS URL, then again after following the redirect. The 17 blocklist rows in total are the "BL" figure the report lists further down for this scan.)
PhishTank: No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/Keyboard/keyboa (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/logo.svg Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Scripts/FrontFunctions. (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/bootstrap.min17 (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Scripts/Keyboard/keyboard.js Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Scripts/Keyboard/polyfill.js Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/assets.adobedtm.com/87fc8b53a8 (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Scripts/Keyboard/simple (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/bundles/sharedout3c32?v (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/default.min2cc7 (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/logo.svg Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/fonts/Inter-Reg (...) Phishing
2022-09-14 2 gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/fonts/fontaweso (...) Phishing
mnemonic secure dns: No alerts detected
Quad9 DNS: No alerts detected


Files

No files detected



Passive DNS (10)

Passive DNS Source | Fully Qualified Domain Name | Rank | First Seen | Last Seen | IP | Comment
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-14 04:47:59 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-14 04:47:55 UTC 143.204.55.110
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-14 04:48:23 UTC 35.165.143.157
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-14 12:35:36 UTC 34.120.237.76
mnemonic passive DNS detectca.easysol.net (2) 60033 2012-08-17 16:57:34 UTC 2022-09-13 02:07:49 UTC 107.23.44.14
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-14 18:38:37 UTC 143.204.55.36
mnemonic passive DNS gloomyunfinisheddivisor.juanperez109.repl.co (23) 0 2022-09-14 01:42:53 UTC 2022-09-14 15:42:27 UTC 34.149.204.188 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-14 18:30:48 UTC 93.184.220.29
mnemonic passive DNS sifo.bancogalicia.com.ar (3) 778628 2017-06-08 06:32:18 UTC 2022-08-23 06:52:10 UTC 52.44.182.201
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-14 04:48:22 UTC 34.117.237.239
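A first pass over the passive DNS table above is to flag what is young, unranked or co-hosted with the report IP. The Python below does that, as an added example that is not part of the report or of urlquery's tooling: the rows are copied verbatim from the table, the report time and IP come from the Overview, and the 7-day youth threshold and the reading of rank 0 as "unranked" are assumptions of this example.

```python
"""Flag young, unranked or co-hosted domains in a passive DNS table.

Added example (not urlquery tooling). The rows are copied from the report's
Passive DNS section; the "young domain" threshold of 7 days and the reading of
rank 0 as "unranked" are assumptions made here, not definitions from the report.
"""
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import List

# Report metadata taken from the Overview section.
REPORT_TIME = datetime(2022, 9, 14, 21, 52, 18, tzinfo=timezone.utc)
REPORT_IP = "34.149.204.188"

# Passive DNS rows exactly as rendered in the report:
# source, fqdn, (n), rank, first seen, last seen, ip, optional comment.
PDNS_ROWS = """\
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-14 04:47:59 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-14 04:47:55 UTC 143.204.55.110
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-14 04:48:23 UTC 35.165.143.157
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-14 12:35:36 UTC 34.120.237.76
mnemonic passive DNS detectca.easysol.net (2) 60033 2012-08-17 16:57:34 UTC 2022-09-13 02:07:49 UTC 107.23.44.14
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-14 18:38:37 UTC 143.204.55.36
mnemonic passive DNS gloomyunfinisheddivisor.juanperez109.repl.co (23) 0 2022-09-14 01:42:53 UTC 2022-09-14 15:42:27 UTC 34.149.204.188 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-14 18:30:48 UTC 93.184.220.29
mnemonic passive DNS sifo.bancogalicia.com.ar (3) 778628 2017-06-08 06:32:18 UTC 2022-08-23 06:52:10 UTC 52.44.182.201
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-14 04:48:22 UTC 34.117.237.239
"""

ROW_RE = re.compile(
    r"^(?P<source>.+?) (?P<fqdn>\S+) \((?P<count>\d+)\) (?P<rank>\d+) "
    r"(?P<first>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) UTC "
    r"(?P<last>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) UTC "
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?: (?P<comment>.*))?$"
)


@dataclass
class Finding:
    fqdn: str
    ip: str
    age_hours: float
    reasons: List[str] = field(default_factory=list)


def _ts(text: str) -> datetime:
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)


def triage(rows: str, report_time: datetime, report_ip: str,
           young: timedelta = timedelta(days=7)) -> List[Finding]:
    """Return one Finding per row that is unranked, recently first-seen, or
    resolves to the IP the report was run against. Lines that do not parse
    (headers, truncated rows) are skipped rather than guessed at."""
    findings: List[Finding] = []
    for line in rows.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue
        age = report_time - _ts(m["first"])
        hours = age.total_seconds() / 3600
        reasons = []
        if int(m["rank"]) == 0:
            reasons.append("unranked domain")
        if age < young:
            reasons.append(f"first seen {hours:.1f}h before the report")
        if m["ip"] == report_ip:
            reasons.append("resolves to the report IP")
        if reasons:
            findings.append(Finding(m["fqdn"], m["ip"], hours, reasons))
    return findings


if __name__ == "__main__":
    for f in triage(PDNS_ROWS, REPORT_TIME, REPORT_IP):
        print(f"{f.fqdn} ({f.ip}): " + "; ".join(f.reasons))
```

Only the repl.co host trips all three rules. sifo.bancogalicia.com.ar, resolved in the same session, is old and highly ranked; that contrast between the lure host and the brand it imitates is what the check is meant to surface.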


Recent reports on same IP/ASN/Domain/Screenshot

Columns: UQ / IDS / BL = urlquery alerts / IDS alerts / blocklist hits for that report.
Last 5 reports on IP: 34.149.204.188

Date                       UQ / IDS / BL  URL                                                   IP
2022-12-03 04:54:36 +0000  5 - 0 - 7      equipodeseguridadoutlook-1.solicitarcancel.re (...)   34.149.204.188
2022-12-03 04:38:17 +0000  0 - 0 - 2      07cddb43-e469-4ea8-b0a6-be49142f60c8.id.repl. (...)   34.149.204.188
2022-12-03 04:13:37 +0000  0 - 0 - 14     servicodevalidacion.revisar.repl.co/                  34.149.204.188
2022-12-03 04:04:39 +0000  26 - 0 - 18    bancolombia.corbuenoss.repl.co/                       34.149.204.188
2022-12-03 03:56:38 +0000  0 - 0 - 2      b65753ef-e7b3-49b2-ac10-b3620b8f886e.id.repl.co/      34.149.204.188

Every entry is a different repl.co project on the same address, and the phishing page's own response (in HTTP Transactions) carries Replit-Cluster: global and Via: 1.1 google, so 34.149.204.188 is a shared platform front end: blocking or pivoting on the IP sweeps in unrelated tenants, and the hostname is the indicator to use.

Last 5 reports on ASN: GOOGLE

Date                       UQ / IDS / BL  URL                                                   IP
2022-12-03 09:33:06 +0000  0 - 0 - 2      fiberhaber.blogspot.com/2013/02/yoneticiye-kz (...)   142.250.74.161
2022-12-03 09:30:23 +0000  0 - 0 - 59     www.newsandpromotions.com/tracking/8461               34.117.221.220
2022-12-03 09:26:19 +0000  0 - 0 - 3      georgiatechhts.blogspot.ru/search/label/civil (...)   172.217.21.161
2022-12-03 09:18:54 +0000  0 - 0 - 3      slumberlandsmd1.blogspot.ru/                          172.217.21.161
2022-12-03 09:16:30 +0000  0 - 0 - 1      49celcius.blogspot.com/search/label/Quick?m=1         172.217.21.161

Last 3 reports on domain: juanperez109.repl.co

Date                       UQ / IDS / BL  URL                                                   IP
2022-10-16 05:31:54 +0000  0 - 0 - 17     darlingtruebyte.juanperez109.repl.co/                 34.149.204.188
2022-09-14 23:50:56 +0000  0 - 0 - 17     gloomyunfinisheddivisor.juanperez109.repl.co/ (...)   34.149.204.188
2022-09-14 21:52:18 +0000  0 - 0 - 17     gloomyunfinisheddivisor.juanperez109.repl.co/ (...)   34.149.204.188

The same Replit account (juanperez109) served another project a month later, darlingtruebyte.juanperez109.repl.co, again with 17 blocklist hits; the account name is therefore the more durable pivot, since the per-project hostname changes with every new repl.

Last 5 reports with similar screenshot

Date                       UQ / IDS / BL  URL                                                   IP
2022-12-03 07:53:40 +0000  0 - 0 - 3      www.catus.click/07ukmcRFwAge2KqZSC3dQSFEv8/           159.223.207.102
2022-12-03 07:46:26 +0000  0 - 0 - 1      petfinder.co/                                         192.99.158.243
2022-12-03 07:25:26 +0000  0 - 0 - 13     demo2.cloudwp.dev/trial-8t506179/pagomente            151.139.128.10
2022-12-03 06:54:51 +0000  0 - 0 - 1      for.first-prize.click/ASIA-Server/TW/7eleven- (...)   104.21.32.4
2022-12-03 06:45:39 +0000  0 - 0 - 1      bancoestado.home.cl.cpnsbimbel.com/process.as (...)   51.81.66.153


JavaScript

Executed Scripts (14)


Executed Evals (2)

#1 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 3a432892366ff54070e907455807f9f5f767ccaa664a1164fa862e6dccc38398

    dca = document.createElement('script')

#2 JavaScript::Eval (size: 44, repeated: 1) - SHA256: 1260373596fccab9f78ef49644de6a84937c8dc65de99f5ff1c273ec30de4327

    s = document.getElementsByTagName('script')[0]

Both strings are the opening steps of the common asynchronous script-loader idiom (create a script element, then find the first existing script tag so the new one can be inserted before it). They record that a dynamic loader ran while the page rendered, not what it fetched; the Executed Scripts count and the HTTP transactions cover that.

Executed Writes (0)



HTTP Transactions (49)

Most of the transactions shown are the sandbox browser's own background traffic (Firefox remote settings, OCSP checks, the push service, Pocket tiles and images); only the requests to gloomyunfinisheddivisor.juanperez109.repl.co concern the submitted URL.

Request:
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 143.204.55.36:
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 20:59:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iHYWM9YY5_Za4KI3Ix6hpAhU1dymZWEU94lEOQZ74kEgP2NyFmoyXg==
Age: 3164


--- Additional Info ---
Magic:  JSON data, ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.76.226:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9028
Expires: Thu, 15 Sep 2022 00:22:35 GMT
Date: Wed, 14 Sep 2022 21:52:07 GMT
Connection: keep-alive

Request:
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

Response from 143.204.55.110:
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uYHgTyzEKN0QW9srREZ59Cec84AYuUumkRvHgF9SiSdZBy7awc4lCQ==
age: 62212
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate, ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

Request:
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.117.237.239:
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 14 Sep 2022 21:52:07 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data, ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

Request:
GET /online/login24b8.html HTTP/1.1
Host: gloomyunfinisheddivisor.juanperez109.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

Response from 34.149.204.188:
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Location: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Replit-Cluster: global
Date: Wed, 14 Sep 2022 21:52:07 GMT
Content-Length: 110
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   110
Md5:    87bd770114d093d7490de82bc8ffaa71
Sha1:   de030e7f824ab34c82683969cf3c672b268eebc7
Sha256: 9143f8926dfe9dec751cbe3c44b6f77d6404bb066a285e665e93788dd81c33a9

Alerts:
  Blocklists:
    - openphish: Banco Galicia
    - fortinet: Phishing
                                        
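The report annotates this transaction with the blocklist rows that match it. The Python below rebuilds that annotation from the raw request/response text and also classifies the 308, as an added example that is not urlquery's code: RAW_TX and INDICATORS are abridged copies of this report's own data, and treating an indicator that ends in " (...)" as a truncated prefix is an assumption about how the report abbreviates long URLs.

```python
"""Rebuild the "Alerts: Blocklists" annotation for one transaction and classify
its redirect, working only from the raw request/response text.

Added example, not urlquery code. RAW_TX and INDICATORS are abridged copies of
this report's own data. Treating an indicator that ends in " (...)" as a
truncated prefix is an assumption about how the report abbreviates long URLs.
"""
from typing import Dict, List, Optional, Tuple
from urllib.parse import urlsplit

RAW_TX = """\
GET /online/login24b8.html HTTP/1.1
Host: gloomyunfinisheddivisor.juanperez109.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1

HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Location: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Replit-Cluster: global
Date: Wed, 14 Sep 2022 21:52:07 GMT
Content-Length: 110
Via: 1.1 google
"""

# (source, indicator exactly as printed in the report, comment)
INDICATORS: List[Tuple[str, str, str]] = [
    ("openphish", "gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html", "Banco Galicia"),
    ("openphish", "gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html", "Banco Galicia"),
    ("fortinet", "gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html", "Phishing"),
    ("fortinet", "gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/Keyboard/keyboa (...)", "Phishing"),
    ("fortinet", "gloomyunfinisheddivisor.juanperez109.repl.co/online/logo.svg", "Phishing"),
]

REDIRECT_CODES = {301, 302, 303, 307, 308}
TRUNCATED = " (...)"  # assumed marker for an indicator the report cut short


def _headers(lines: List[str]) -> Dict[str, str]:
    """Header lines -> {lowercased name: value}; non-header lines are ignored."""
    out: Dict[str, str] = {}
    for line in lines:
        if ":" in line:
            name, value = line.split(":", 1)
            out[name.strip().lower()] = value.strip()
    return out


def parse_transaction(raw: str) -> Dict[str, object]:
    """Split a request/response pair (separated by one blank line) into the
    fields the checks below need."""
    req_text, _, resp_text = raw.strip().partition("\n\n")
    req_lines, resp_lines = req_text.splitlines(), resp_text.splitlines()
    method, path, _version = req_lines[0].split()
    req_h, resp_h = _headers(req_lines[1:]), _headers(resp_lines[1:])
    return {
        "method": method,
        "host": req_h["host"],
        "path": path,
        "status": int(resp_lines[0].split()[1]),
        "location": resp_h.get("location"),
    }


def blocklist_hits(tx: Dict[str, object], indicators) -> List[Tuple[str, str]]:
    """Unique (source, comment) pairs whose indicator covers the requested URL.
    Indicators are host/path without a scheme, as the report prints them."""
    url = f"{tx['host']}{tx['path']}"
    hits: List[Tuple[str, str]] = []
    for source, indicator, comment in indicators:
        if indicator.endswith(TRUNCATED):
            matched = url.startswith(indicator[:-len(TRUNCATED)])
        else:
            matched = url == indicator
        if matched and (source, comment) not in hits:
            hits.append((source, comment))
    return hits


def classify_redirect(tx: Dict[str, object]) -> Optional[str]:
    """None for a non-redirect; 'off-host' when Location changes host;
    'scheme-upgrade' when only the scheme becomes https (the request must have
    been plain http, or the server would be redirecting to itself); otherwise
    'same-host'."""
    if tx["status"] not in REDIRECT_CODES or not tx["location"]:
        return None
    target = urlsplit(str(tx["location"]))
    if target.hostname != tx["host"]:
        return "off-host"
    if target.scheme == "https" and target.path == tx["path"]:
        return "scheme-upgrade"
    return "same-host"


if __name__ == "__main__":
    tx = parse_transaction(RAW_TX)
    print(tx["host"], tx["status"], classify_redirect(tx))
    for source, comment in blocklist_hits(tx, INDICATORS):
        print(f"  - {source}: {comment}")
```

Two caveats when reusing this: a truncated indicator is matched as a prefix, so a short visible prefix can over-match, and matching is on host plus path only, so rows with a query string (the bundles/...?v row above) need the same normalization applied on both sides.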
Request:
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 143.204.55.36:
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 21:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 21:10:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yajwRXWnyK9RShJpVQSSFzGU04FWqCCcHII3t-iN9ngr1tUWrnaHKQ==
Age: 2925


--- Additional Info ---
Magic:  JSON data, ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.76.226:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A6DA84B85E47FB60AF9CE6B66FF9950604D0C0F26E1C3B187EC5619623FD2A04"
Last-Modified: Wed, 14 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Sep 2022 03:52:08 GMT
Date: Wed, 14 Sep 2022 21:52:08 GMT
Connection: keep-alive

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 93.184.220.29:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6279
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 21:52:08 GMT
Last-Modified: Wed, 14 Sep 2022 20:07:29 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

Request:
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: crCqi2V9PolENXoE2aeeLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

Response from 35.165.143.157:
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d794AeWnfjAfMOvzYjScgcx/Rx8=

Request:
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response from 23.36.76.226:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9602
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 21:52:09 GMT
Connection: keep-alive

(Three further POST / requests to r3.o.lencr.org followed at 21:52:09, each identical to the one above: the same 85-byte OCSP request with the same headers, and the same 503-byte response from 23.36.76.226 with ETag "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4", Last-Modified Tue, 13 Sep 2022 16:00:00 UTC, max-age=9602 and Expires Thu, 15 Sep 2022 00:32:11 GMT.)

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 324
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   8447
Md5:    5a6939786c9343412c9af87efd3f44e0
Sha1:   14131148fda4e8d85b582fd20e76bcc814341bf1
Sha256: 8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 424
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   6770
Md5:    2e5f57ba37fac4e6047a9a321a8ec084
Sha1:   f6b742549ea35a4b1345cffb937a8bbcceee08ef
Sha256: f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc482abf3-9a0f-40ae-8d4b-c95977ab3e5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9630
x-amzn-requestid: c48fade7-f2d1-480e-a411-9bfd080b4b92
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXwx8Fe-oAMFtiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fc80c-20c8930c7269503e6195fe72;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 00:00:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bFdVw0FZgpuFUOM1MQPSvXByye8bqcrEXDc6O3rFwQKgUOvLxoT7Xg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:22 GMT
age: 79183
etag: "fb0078b3be78ca41f46c102148b9e801cfacba8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   9630
Md5:    ebe7a0235de91cc1bf4cc6baecbf43f5
Sha1:   fb0078b3be78ca41f46c102148b9e801cfacba8e
Sha256: 6b35ef88d4ca58338480a87d0b0143fc4e1885427735d5ea48ba6e99aa882678

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6484
x-amzn-requestid: cefd7270-c8ca-4ced-b9bd-52353fbefa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBIIUHOZIAMF9wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316ba35-7d4c4c53090c83ea3fadbf4e;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 03:10:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V0CJvbFSNJT2eHVOeCkdZNStr6eZg3EO0YTNyTUsmiirYMm9gfzBKg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 324
etag: "098d000aebd7ba0637fe420b9dfdacd2146af240"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   6484
Md5:    cb7c9c7f4257ab79526157f3ba507d6e
Sha1:   098d000aebd7ba0637fe420b9dfdacd2146af240
Sha256: 74fd95bcffcaf6919e8bca4184978340bef089528f9d184e7d88e1fd4c83288b

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0051cf-bacd-445a-a6c3-6e5be807c94d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response from 34.120.237.76:
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9773
x-amzn-requestid: a66002a7-8621-4e8c-ba24-ca935485c6ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeBrlH7vIAMFz8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322497d-05c3244840ad5aba14217936;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:37:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lDemHpZRnewiVzefg9awBl9gxMBK2owZTV00EDzHLn4kbHa0tyINeg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 424
etag: "35417f27e4529b172aff7581d25ef8de26158a6c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size:   9773
Md5:    a29b48f8601db6bee0408f77ef7e1810
Sha1:   35417f27e4529b172aff7581d25ef8de26158a6c
Sha256: 37f2b7accb42719f1f2c25d371691aaed05160bbb40d4941da2650adc12be316

Request:
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5392f754-e2f9-4a41-bd41-e281b109c83d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5097
x-amzn-requestid: 7d0072f1-0832-4b01-9f5a-081c7d193420
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YaGbEGDiIAMFqGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320b779-2ee57a3e5641f70c00116156;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 17:01:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5TMIu7RzFcpyWKH_HSAd4LDal3PFMAa37n0SVEVDFGyz5RJeqJq5Rw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 324
etag: "96afd6daa0d13f8a05ceb77880f967d539f37702"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5097
Md5:    6fcd0641757ecb9061e0272fc9377b8a
Sha1:   96afd6daa0d13f8a05ceb77880f967d539f37702
Sha256: 8af5e3c3e524a5e3661e50a36403a5cc6c95521e77984ce954ceefd5a542abfc
                                        
                                            GET /online/login24b8.html HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699316; includeSubDomains
content-length: 65833
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18845)
Size:   65833
Md5:    30dc2a6683e561b792cda7419d1c7582
Sha1:   740702c8a74276dd99db50d3ef8cdbb486c334f1
Sha256: bc62558d3d6a8ccd3b118c9e8a7dc8fcda5dc3b4ea361d14deea71377c4f3d1f

Alerts:
  Blocklists:
    - openphish: Banco Galicia
    - fortinet: Phishing
                                        
                                            GET /online/Content/Keyboard/keyboard9862.css?v=637945410729640000 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 492
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   492
Md5:    cde47bbdcc48b7a1883bfa6ff9461e1b
Sha1:   df0ffcc2e83ba3da25ffdb9e4dfe70165e1f34a8
Sha256: 612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Content/Keyboard/simple-keyboarddb0a.css?v=637945410729650000 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 2790
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2790
Md5:    7ac8b1ce1d4560506b4ddaace5546637
Sha1:   ec9cf772f643b3583aa07012f94715a4c55c22ed
Sha256: c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233
                                        
                                            GET /online/Content/customcarousel.minf971.css?v=637945410727810000 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 1949
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1920)
Size:   1949
Md5:    507cddc424365cfc443858856b1747fa
Sha1:   74f55054e13021d5b5c6331778e42dc42c80d6d4
Sha256: f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad
                                        
                                            GET /online/bundles/seguloginclientless21b1?v=9ZoP9ZFYiPx6cKccgyoSkhtYxZ89MVu0hcQrXZ7YUtM1 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 436
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (436), with no line terminators
Size:   436
Md5:    b5b11848c082822cdadac05e9f169809
Sha1:   d4373a43ca4cc74d1e3a9a1da6fc1c61853c38c1
Sha256: b8f28cd9cc6257cdefca49414abb41ad8eabfaf681b33663da840e88d72ebfbd
                                        
                                            GET /online/bundles/seguloginborders85dc?v=GEgi_2YCCdJcWit_704ESvjq-n4qBXwbOONJ0vLJ0j01 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 651
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (651), with no line terminators
Size:   651
Md5:    972ec8df496b03ff74dca5a0f72e21c5
Sha1:   bc7837d85c544fd47a87ab6a4b2929e35a36f4be
Sha256: c714daca086c41b0915c1eb7cdfc38696582eba1d6a0259e2fec643e84728be6
                                        
                                            GET /online/logo.svg HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 5199
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   5199
Md5:    8a2cc43860537affd5c0a21c0f111f32
Sha1:   ccf94df7487d8132a3c5ce7657810d52ce7fbd8c
Sha256: b4ff0e55e735bcecbe65b3d851306ed458d3ef865d108b74dbc107ead609a17a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Scripts/FrontFunctions.min15cc.js?v=637945410726950000 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 28367
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (28360), with no line terminators
Size:   28367
Md5:    5bc5d136b360c62c02758fe9d962c6d9
Sha1:   df943c76f1da2e164f98d6d538d32ef5b767d9a0
Sha256: 3f961962dc4471c881dd809308411177f1201cc7cb7691b24c9bd66bcfde5722

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Content/bootstrap.min1750.css?v=637945410727690000 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 123759
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   123759
Md5:    ee5a93e25028dd60f2f771e22dcedd36
Sha1:   68035921b542ffa082397f664a316401e6cd3b14
Sha256: 842ecd7fb6b4d5c497f50da917974a93eeb82406868507fb185d3de51add9288

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Scripts/Keyboard/keyboard.js HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 6027
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   6027
Md5:    61a390c5be9c10894a2e048cd4921f89
Sha1:   b2e7cf642f37bfedc110e7710a802cec65666f80
Sha256: 1c58f92f9596b6dd2a8c87f36410923e9c496f4dd5ecd597e637f4bdc0802aae

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Scripts/Keyboard/polyfill.js HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 1730
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1730
Md5:    af084dc0816f1bafc0e08b0eba1e6f0c
Sha1:   b0bf7cd46e0ef578d6a1a0414e0f139b5150f023
Sha256: fcfddb3e6fe7aea078fdb1ca5a04a69d5bc5f592d5918266079b35f15eda3ddf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 276746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32771)
Size:   276746
Md5:    4748fa5d887666660b9996d329962da6
Sha1:   135659f5adabde9c9d03805a9bca80388d69ef96
Sha256: bae68ef70c156567ddee0ef567911e2add35f5a1cbac345f08602767447ad5dc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Scripts/Keyboard/simple-keyboard.min.js HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 20207
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19664)
Size:   20207
Md5:    2fff5b9cd34cce9b9c854a0235bade78
Sha1:   69d930b472f4866648e3d387bdd58311920eea19
Sha256: d4c188569ffbc2be5b08bb39ac400654b41bce116782a6a598ae932ed4340a6d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/bundles/sharedout3c32?v=yUVXBWmo0YLvqtcuMIP0Y22eKqXQ2dPOQceK5neEn3Q1 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 386613
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65435), with no line terminators
Size:   386613
Md5:    9861fa51e74a108f05a388c4bc7547ec
Sha1:   6227ce8903aafc40485e4adda69f945bcd25ed4e
Sha256: c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Content/default.min2cc7.css?v=637945410953580000 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 1241767
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   1241767
Md5:    5e5aab1ac6b4a0d9bf72bc0c184cfb16
Sha1:   812fbabf9ce33dd65858ac1aad51eda87c9328ad
Sha256: 1434d011d8437ad6e922c6c12383a4059c91bef18eb20eae48711d890ca96cdd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/101-African-Woman-Sofia-Freixas.png HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 14 Sep 2022 21:52:13 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699311; includeSubDomains
content-length: 1157365
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 4167 x 5455, 8-bit/color RGBA, non-interlaced\012- data
Size:   1157365
Md5:    0e9f02566b19b413097e779999efdfd8
Sha1:   13c8b1a0b6ae46326eb5be06afc04507f961333b
Sha256: 68fb68b2c2db579fa00e3f65d5280af2eadc0be016279216fd3cd848548b9495
                                        
                                            GET /www.googletagmanager.com/gtm5445.html?id=GTM-M6B9RZQ&gtm_auth=TiByp1Z92r_vHHqYjmr5yQ&gtm_preview=env-6&gtm_cookies_win=x HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:14 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699310; includeSubDomains
content-length: 665
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   665
Md5:    3c79be4d907f8bbf877160eb0097da5a
Sha1:   219d715eaa62bc478f727f5ca26f30f1a3193a70
Sha256: a3eb2edd9d711d8ef99faeadfd70c4327ce73976a6bb72a20fa650d525dc9d7e
                                        
                                            GET /online/Content/logo.svg HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/default.min2cc7.css?v=637945410953580000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:14 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699310; includeSubDomains
content-length: 556
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   556
Md5:    bdfbadd225383b28d235463b3ef41204
Sha1:   9cab9fcbcd036cbebc5ee3b04bd5b8782ed04019
Sha256: 20f34eb3faddc72bab31973a0f53f06b7146a34f2af6ac95fbe909807ab3c6c5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /online/Content/fonts/Inter-Regular.woff2 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/default.min2cc7.css?v=637945410953580000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 14 Sep 2022 21:52:14 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699310; includeSubDomains
content-length: 89212
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 89212, version 1.0\012- data
Size:   89212
Md5:    bffaed793493dc46bf0789e2275909ac
Sha1:   21178040c070176c06653b76d42b1e19810c2df0
Sha256: 77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 21:52:14 GMT
Server: ECS (amb/6BC5)
Content-Length: 471

                                        
                                            GET /online/Content/fonts/fontawesome-webfont.woff2 HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/Content/default.min2cc7.css?v=637945410953580000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 14 Sep 2022 21:52:14 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699310; includeSubDomains
content-length: 77160
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3755
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 21:52:15 GMT
Last-Modified: Wed, 14 Sep 2022 20:49:41 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 21:52:15 GMT
Server: ECS (amb/6B91)
Content-Length: 471

                                        
                                            GET /detectca/scripts/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/detect.js HTTP/1.1 
Host: detectca.easysol.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.23.44.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 14 Sep 2022 21:52:15 GMT
Content-Length: 1644
Last-Modified: Tue, 24 Aug 2021 00:00:00 GMT
Connection: keep-alive
ETag: "61243680-66c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1644), with no line terminators
Size:   1644
Md5:    13e295586a7b0cdd3ed9f462ab05e955
Sha1:   ce2285a5ae57f033defcb01e9fe0613a7f41d468
Sha256: 207a3c20ebe9da7830c971ab74baf155b5b8802e596a5248094840ff03e7cd28
                                        
                                            GET /detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&sr=1280%20x%201024&url=https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html&rf=&nc=0.3046340172127049 HTTP/1.1 
Host: detectca.easysol.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.23.44.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 14 Sep 2022 21:52:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced; data
Size:   82
Md5:    ae11c9259e141875b33cbb6598aa1485
Sha1:   4d71dc1bd4621df68ee846fe3f9409606aabced4
Sha256: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
                                        
                                            GET /requestserver/script/v1/a6vf4k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 
Host: sifo.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.44.182.201
HTTP/1.1 200
Content-Type: application/javascript
                                        
Date: Wed, 14 Sep 2022 21:52:15 GMT
Content-Length: 144850
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff


--- Additional Info ---
Magic:  Algol 68 source text; Pascal source, ASCII text, with very long lines (938) (libmagic misidentification; the response is served as application/javascript)
Size:   144850
Md5:    c7d935c5a41c38edd0317d71dae89211
Sha1:   1fb8567e7e9b05014d7215c537ef1d1ffb9f456e
Sha256: a4f039d55c017c2138fdef69172f4911c79875035e953c907a0f4a473d04e701
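The two cross-site script loads above (detect.js from detectca.easysol.net and login.js from sifo.bancogalicia.com.ar) carry Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/ and Sec-Fetch-Site: cross-site, and both headers also land in the legitimate servers' access logs. Below is an added example (not part of the urlquery report or of any vendor's code) of a log-side pass that flags a brand's anti-fraud assets being fetched from a page on a foreign origin, falling back to Sec-Fetch-Site when the embedding page has stripped its Referer. The tab-separated log layout, the brand domain list and the host banking.bancogalicia.com.ar are assumptions made for the example.

```python
"""Detect a brand's scripts and beacons being loaded from a foreign page.

Added example, not part of the urlquery report. The log lines are constructed
to mirror the captured transactions; the tab-separated layout (host, method,
path, Referer, Sec-Fetch-Site) is an assumption, not a real server's format.
"""
from collections import Counter
from urllib.parse import urlsplit

# Domains whose pages may legitimately embed the anti-fraud script (assumed).
OWN_SUFFIXES = ("bancogalicia.com.ar",)

# Constructed log lines modelled on the report. Line 2 uses a hypothetical
# brand host; line 4 has the Referer stripped (as a Referrer-Policy on the
# embedding page would do); line 5 is a direct fetch with no embedding page.
SAMPLE_LOG = (
    "sifo.bancogalicia.com.ar\tGET\t/requestserver/script/v1/a6vf4k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61"
    "\thttps://gloomyunfinisheddivisor.juanperez109.repl.co/\tcross-site\n"
    "sifo.bancogalicia.com.ar\tGET\t/requestserver/script/v1/a6vf4k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61"
    "\thttps://banking.bancogalicia.com.ar/login\tsame-site\n"
    "sifo.bancogalicia.com.ar\tOPTIONS\t/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61"
    "\thttps://gloomyunfinisheddivisor.juanperez109.repl.co/\tcross-site\n"
    "sifo.bancogalicia.com.ar\tGET\t/requestserver/script/v1/a6vf4k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61"
    "\t-\tcross-site\n"
    "sifo.bancogalicia.com.ar\tGET\t/requestserver/script/v1/a6vf4k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61"
    "\t-\tnone\n"
)


def host_is_own(host):
    """True when host is one of the brand's domains or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in OWN_SUFFIXES)


def origin_of(url):
    """scheme://host of a URL, or None for a missing ('-') Referer."""
    if not url or url == "-":
        return None
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.hostname}" if parts.hostname else None


def classify(referer, fetch_site):
    """Decide whether a fetch of a brand asset came from a brand page.

    Returns (verdict, reason) with verdict in {"own", "foreign", "unknown"}.
    Referer is checked first; when it is absent, Sec-Fetch-Site is used, since
    the browser derives it from the real initiator and the embedding page
    cannot suppress it the way it can suppress Referer with Referrer-Policy.
    """
    ref_origin = origin_of(referer)
    if ref_origin is not None:
        if host_is_own(urlsplit(ref_origin).hostname):
            return "own", f"Referer {ref_origin} is a brand origin"
        return "foreign", f"Referer {ref_origin} is not a brand origin"
    if fetch_site == "cross-site":
        return "foreign", "no Referer, but Sec-Fetch-Site: cross-site"
    if fetch_site in ("same-origin", "same-site"):
        return "own", f"no Referer, Sec-Fetch-Site: {fetch_site}"
    return "unknown", "no Referer and no usable Sec-Fetch-Site"


def find_foreign_embeddings(log_text):
    """Return one record per log line whose initiator is not a brand origin."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        host, method, path, referer, fetch_site = line.split("\t")
        verdict, reason = classify(referer, fetch_site)
        if verdict == "foreign":
            hits.append({
                "host": host,
                "method": method,
                "path": path.split("?", 1)[0],
                "referer_origin": origin_of(referer) or "(Referer absent)",
                "reason": reason,
            })
    return hits


def embedding_origins(hits):
    """Count flagged fetches per embedding origin: the hosts to report for takedown."""
    return dict(Counter(h["referer_origin"] for h in hits))


if __name__ == "__main__":
    for origin, n in embedding_origins(find_foreign_embeddings(SAMPLE_LOG)).items():
        print(f"{n:3d}  {origin}")
```

Run against the constructed log, the repl.co origin is reported twice (the login.js load and the pageFeatures preflight) and the Referer-stripped fetch once; the direct fetch with Sec-Fetch-Site: none is left as unknown rather than flagged, since nothing in it identifies an embedding page.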
                                        
                                            GET /online/Images/favicon.ico HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Wed, 14 Sep 2022 21:52:15 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699309; includeSubDomains
content-length: 1559
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Size:   1559
Md5:    b700b544f2fa87e37e6b728fef00fcb0
Sha1:   c0735fa743392c2f3032c22d241854b88832cdb7
Sha256: f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
                                        
                                            GET /online/images/assets/logo_ios_152x152.png HTTP/1.1 
Host: gloomyunfinisheddivisor.juanperez109.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/online/login24b8.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 21:52:15 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7699309; includeSubDomains
content-length: 574
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text; exported SGML document, ASCII text
Size:   574
Md5:    e79db5759649e22088454014c86c8b99
Sha1:   2068f9abbb21e94e988a34a955def69792ca2cae
Sha256: 4d8e42e2c15b80181bf8b4ff246cd2d0751ec5631196baed5c21a9a2d67e7922
                                        
                                            OPTIONS /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 
Host: sifo.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/
Origin: https://gloomyunfinisheddivisor.juanperez109.repl.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.44.182.201
HTTP/1.1 200
                                        
Date: Wed, 14 Sep 2022 21:52:15 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://gloomyunfinisheddivisor.juanperez109.repl.co
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff

                                        
                                            POST /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 
Host: sifo.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 9486
Origin: https://gloomyunfinisheddivisor.juanperez109.repl.co
Connection: keep-alive
Referer: https://gloomyunfinisheddivisor.juanperez109.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.44.182.201
HTTP/1.1 200
Content-Type: application/json
                                        
Date: Wed, 14 Sep 2022 21:52:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://gloomyunfinisheddivisor.juanperez109.repl.co
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: herok=28868608042xIzE4hyG9y1VgkTQWrOFMeTS1AKb9; Expires=Wed, 14-Sep-2022 22:22:16 GMT; SameSite=None; Secure
set-cookie: kirby=28868608042xIzE4hyG9y1VgkTQWrOFMeTS1AKb9; SameSite=None; Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff


--- Additional Info ---
Magic:  JSON data; ASCII text, with no line terminators
Size:   115
Md5:    83fb6ee99babbcd33c8dc23feef1af1d
Sha1:   afba3c10566dee89925f0339ba6ae4d97204f280
Sha256: f3f1d5dfb937c503e650a2919b43ab219e3bc22345f34a1d99b4725f5877d4f4
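In the OPTIONS preflight and the POST that follows, sifo.bancogalicia.com.ar answered with access-control-allow-origin set to the phishing page's Origin header and access-control-allow-credentials: true, and set two SameSite=None cookies. The capture does not show what pageFeatures returns to a credentialed caller, so it does not establish that the reflection exposes anything; it does show the pattern a CORS audit looks for. The following is an added example (not the report's or the bank's code) that audits a preflight response for that pattern and builds the allowlisted alternative; the captured headers are copied from the exchange above, while the allowlist, the host banking.bancogalicia.com.ar and the hardened responder are assumptions.

```python
"""Audit a CORS preflight response for origin reflection with credentials.

Added example, not part of the urlquery report. CAPTURED_PREFLIGHT holds the
headers seen in the OPTIONS response above; ALLOWED_ORIGINS and
hardened_preflight() are assumptions made for the example.
"""

# Origins that should be allowed to call the endpoint (assumed for the example).
ALLOWED_ORIGINS = {"https://banking.bancogalicia.com.ar"}

PHISH_ORIGIN = "https://gloomyunfinisheddivisor.juanperez109.repl.co"

# Preflight response headers as captured (Date and Content-Length omitted).
CAPTURED_PREFLIGHT = {
    "access-control-allow-credentials": "true",
    "access-control-allow-origin": PHISH_ORIGIN,
    "access-control-allow-methods": "POST, OPTIONS",
    "access-control-max-age": "3600",
    "access-control-allow-headers": "x-requested-with, content-type",
    "allow": "GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH",
    "content-security-policy": "script-src 'self'",
    "x-frame-options": "DENY",
}


def audit_preflight(request_origin, headers, allowed=ALLOWED_ORIGINS):
    """Return a list of findings for one preflight exchange (empty means clean)."""
    h = {k.lower(): v for k, v in headers.items()}
    acao = h.get("access-control-allow-origin")
    credentials = h.get("access-control-allow-credentials", "").strip().lower() == "true"
    findings = []
    if acao is None:
        return findings  # no CORS grant at all: the browser withholds the response
    if acao == "*":
        findings.append("wildcard Access-Control-Allow-Origin")
        if credentials:
            findings.append("wildcard origin combined with allow-credentials (browsers reject "
                            "the pair, which usually means the policy was never tested)")
    elif acao == request_origin and request_origin not in allowed:
        findings.append(f"Access-Control-Allow-Origin echoes untrusted Origin {request_origin}")
        if credentials:
            findings.append("echoed origin is granted credentials: a page on that origin can "
                            "read responses made with the visitor's cookies")
    if acao != "*" and "origin" not in h.get("vary", "").lower():
        findings.append("per-origin Access-Control-Allow-Origin without Vary: Origin "
                        "(a shared cache can serve one origin's grant to another)")
    return findings


def hardened_preflight(request_origin, allowed=ALLOWED_ORIGINS):
    """Build preflight headers that grant only allowlisted origins.

    Unlisted origins get no CORS headers rather than an error, so the browser
    simply blocks the read; Vary: Origin is always set so caches key on Origin.
    """
    if request_origin not in allowed:
        return {"vary": "Origin"}
    return {
        "access-control-allow-origin": request_origin,
        "access-control-allow-credentials": "true",
        "access-control-allow-methods": "POST, OPTIONS",
        "access-control-allow-headers": "content-type",
        "access-control-max-age": "3600",
        "vary": "Origin",
    }


if __name__ == "__main__":
    for finding in audit_preflight(PHISH_ORIGIN, CAPTURED_PREFLIGHT):
        print("captured :", finding)
    print("hardened :", audit_preflight(PHISH_ORIGIN, hardened_preflight(PHISH_ORIGIN)))
```

Against the captured headers the audit returns three findings (echoed untrusted origin, credentials granted to it, no Vary: Origin); against the hardened responder it returns none for both the allowlisted origin and the phishing origin, because the latter receives no grant at all.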