firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 22:07:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sgA29TAMYkF4MQ0CkGOGfNRPplRkbmkYz2E4uNxJD3GUwtrWKvqcvw==
Age: 1527
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5951
Expires: Sun, 11 Sep 2022 00:11:40 GMT
Date: Sat, 10 Sep 2022 22:32:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wicmntvU3bHquEoL81WH3KlkOdRtSqrucUi8aYEicO-EfY-8R0egHQ==
age: 54917
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d088acf324a8e4f039ff07cb4e60954b
b7f1093dab2b404f54046ec8c4e13cc36c6ede4c
12ae0990235687c8bbf2a3b4db5f5378cc0e5e8b97f4272a37e95341622ca07c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AE0990235687C8BBF2A3B4DB5F5378CC0E5E8B97F4272A37E95341622CA07C"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21520
Expires: Sun, 11 Sep 2022 04:31:09 GMT
Date: Sat, 10 Sep 2022 22:32:29 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 22:32:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index3.html
34.149.204.188200 OK 11 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index3.html
IP 34.149.204.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5250)
Hash d9fd7d3c0dfbc970df89b29f7d233209
409138f15e5e8db6cbd398120752e6efc60cdea1
4471407e25a68c4e269e793be06604986fa2b4d593ec38081c552f578cfb2720
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index3.html HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 10 Sep 2022 22:32:29 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673857; includeSubDomains
content-length: 11429
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5QM5P4Q
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5QM5P4Q
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 9f6b03e34d042351ae5b8ab519dafd42
8f9a21591a88588e28b51d08470ba1383dc285bd
d3c7736ac27305a47241c9d0488ff9f6cc31da6bd7d6c30a4f05fce997ba27b8
GET /gtm.js?id=GTM-5QM5P4Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 22:32:30 GMT
expires: Sat, 10 Sep 2022 22:32:30 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 10 Sep 2022 21:56:07 GMT
Expires: Sat, 10 Sep 2022 22:12:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GlGCojPj6-HSpAM32Vipd0cmT3V_LF6NqfkzU49NeIVMO-UqUkmGeQ==
Age: 2183
sadgssefeseses343262.safsasae.repl.co/index_files/analytics.js.descarga
34.149.204.188200 OK 50 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/analytics.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (1325)
Hash d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/analytics.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 50205
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=1280546839&t=pageview&_s=1&dl=https%3A%2F%2Fsadgssefeseses343262.safsasae.repl.co%2Findex3.html&ul=en-us&de=UTF-8&dt=Banco%20Ciudad&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=1712675574&gjid=1036720328&cid=461780171.1662849140&tid=UA-160231695-1&_gid=669074430.1662849140&_r=1>m=2wg9705QM5P4Q&z=1463012697
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1280546839&t=pageview&_s=1&dl=https%3A%2F%2Fsadgssefeseses343262.safsasae.repl.co%2Findex3.html&ul=en-us&de=UTF-8&dt=Banco%20Ciudad&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=1712675574&gjid=1036720328&cid=461780171.1662849140&tid=UA-160231695-1&_gid=669074430.1662849140&_r=1>m=2wg9705QM5P4Q&z=1463012697
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j96&a=1280546839&t=pageview&_s=1&dl=https%3A%2F%2Fsadgssefeseses343262.safsasae.repl.co%2Findex3.html&ul=en-us&de=UTF-8&dt=Banco%20Ciudad&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=1712675574&gjid=1036720328&cid=461780171.1662849140&tid=UA-160231695-1&_gid=669074430.1662849140&_r=1>m=2wg9705QM5P4Q&z=1463012697 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sadgssefeseses343262.safsasae.repl.co
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sadgssefeseses343262.safsasae.repl.co
date: Sat, 10 Sep 2022 22:32:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-160231695-1&cid=461780171.1662849140&jid=1712675574&gjid=1036720328&_gid=669074430.1662849140&_u=YEBAAEAAAAAAAC~&z=1537911592
142.251.1.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-160231695-1&cid=461780171.1662849140&jid=1712675574&gjid=1036720328&_gid=669074430.1662849140&_u=YEBAAEAAAAAAAC~&z=1537911592
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-160231695-1&cid=461780171.1662849140&jid=1712675574&gjid=1036720328&_gid=669074430.1662849140&_u=YEBAAEAAAAAAAC~&z=1537911592 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sadgssefeseses343262.safsasae.repl.co
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sadgssefeseses343262.safsasae.repl.co
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Sep 2022 22:32:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6459
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:30 GMT
Last-Modified: Sat, 10 Sep 2022 20:44:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
sadgssefeseses343262.safsasae.repl.co/index_files/gtm.js.descarga
34.149.204.188200 OK 112 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/gtm.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (1615)
Size 112 kB (112339 bytes)
Hash a62703f02b9e358ea0ebf5f14b768411
6c9fc592a82fa258015aa72eb2c36594fe51cb96
69e68184ffe4bcbb1643904ffa7edf803bec7cd57d578968b69515a789a72a95
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/gtm.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 112339
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sadgssefeseses343262.safsasae.repl.co/index_files/runtime.ec2944dd8b20ec099bf3.js.descarga
34.149.204.188200 OK 1.5 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/runtime.ec2944dd8b20ec099bf3.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (1451), with no line terminators
Hash d68ae1d68307abe5cbce649d966e97f1
21109b3561b5a6c3ed51bc3015962f05da8e57b3
f6d14a5c40a406c335c7aea3f6983070bb59111b470bdf39bd7e1c3f4618b9f4
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/runtime.ec2944dd8b20ec099bf3.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 1451
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/serviceworker.js.descarga
34.149.204.188200 OK 139 B URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/serviceworker.js.descarga
IP 34.149.204.188:0
Hash ec431e4821c417259968c9433c173d7a
e20a8ea582c50a6ecd98e38967b6206f3f5464cf
bf15ddcaa9d1e8dcc42d385983c30efdec4b85650c6d2452df31979b404e3160
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/serviceworker.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 139
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/colors.js.descarga
34.149.204.188200 OK 755 B URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/colors.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (755), with no line terminators
Hash 8a0ccd362c3f22c9cf239d05b210a994
5865d553986f59538f56eed1a27c490a9f6bb0b1
830c8c46ae7149f8c395c44b9089d0a12ccca34449d2a8b1992186b059c43fd9
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/colors.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 755
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/popper.min.js.descarga
34.149.204.188200 OK 19 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/popper.min.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (19063)
Hash 6cd956453e307bfd2ce4bfb0648b9f7d
a43367193adc1258902e5b68ad0cda6cf0f9ff8f
625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/popper.min.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 19197
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/ciudad.svg
34.149.204.188200 OK 4.5 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/ciudad.svg
IP 34.149.204.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3283)
Hash c73e5d18223746a44d6d2fc666e9e804
4e0e21ce77d00569449cb264229b347300038783
69c24732e6b7afebfc32b64f5dc465aed7c1e5ae2083d8a4327931618f323f17
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/ciudad.svg HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-length: 4511
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/bootstrap.min.js.descarga
34.149.204.188200 OK 51 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/bootstrap.min.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (50277)
Hash 46b549bdc90920f18a911f186b9dd75c
3c639c4af5c036a6ee364215bd12c0b12937827d
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/bootstrap.min.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 50564
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/jquery-3.5.1.slim.min.js.descarga
34.149.204.188200 OK 72 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/jquery-3.5.1.slim.min.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (65245)
Hash 767a77430d12bd654d8f0c92cc21298c
75c2ff61e87f9ae41f55f4e845812aad189ab9af
c46dc051ce81c4af2b2096abbf885ae4ba7467ff5db0f0106ceee928cf3658a3
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/jquery-3.5.1.slim.min.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 72379
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/polyfills.78e7bb2b516c2ee870f0.js.descarga
34.149.204.188200 OK 143 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/polyfills.78e7bb2b516c2ee870f0.js.descarga
IP 34.149.204.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 143 kB (142683 bytes)
Hash 050f5593a795beffaae3aa1af2f42c6d
6f09825e9255091665f31ae93fa12c47dae4a4c2
e428b9c4a2a312c519cb59eef4b605756f125ed3a53fa975058b737748fb2b47
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/polyfills.78e7bb2b516c2ee870f0.js.descarga HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 142683
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/styles.542f8738520c301b6503.css
34.149.204.188200 OK 240 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/styles.542f8738520c301b6503.css
IP 34.149.204.188:0
File type ASCII text, with very long lines (65307)
Size 240 kB (240530 bytes)
Hash 4ae1cffec0d12672e18b3c21a920eeb9
2b93cd16134d27a0893171d8410a120c8d1efdcc
12ec9ce079aefbcd306de6ec2859927dc4aed3e6053b79078ca1b06ffac04fb5
Analyzer Verdict Alert openphish Banco Ciudad
GET /index_files/styles.542f8738520c301b6503.css HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index3.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-length: 240530
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rud+MeOPcYF7LU+J6wmUBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7xaYVckVCBX4hNDfbB9J47tie1g=
sadgssefeseses343262.safsasae.repl.co/index_files/GuardianTextSans-Regular-App.2648b97ab884e20f4b2b.ttf
34.149.204.188404 Not Found 598 B URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/GuardianTextSans-Regular-App.2648b97ab884e20f4b2b.ttf
IP 34.149.204.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b3b99ae27b0f9d1595377caf7662ba60
6f94700d1525a5856ea877e56071c899c04b2bd9
8657ea34a641da845906401f5f319f1439e128b61009c634c278512ede6242f9
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/GuardianTextSans-Regular-App.2648b97ab884e20f4b2b.ttf HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index_files/styles.542f8738520c301b6503.css
Cookie: _ga=GA1.3.461780171.1662849140; _gid=GA1.3.669074430.1662849140; _gat_UA-160231695-1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-length: 598
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/index_files/Roboto-Regular.73f0a88bbca1bec19fb1.woff2
34.149.204.188200 OK 65 kB URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/index_files/Roboto-Regular.73f0a88bbca1bec19fb1.woff2
IP 34.149.204.188:0
File type Web Open Font Format (Version 2), TrueType, length 64632, version 1.0\012- data
Hash 73f0a88bbca1bec19fb1303c689d04c6
463a07f5c66bf14e6d9d6e0f6d5e3fd3cb11f4ec
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /index_files/Roboto-Regular.73f0a88bbca1bec19fb1.woff2 HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/index_files/styles.542f8738520c301b6503.css
Cookie: _ga=GA1.3.461780171.1662849140; _gid=GA1.3.669074430.1662849140; _gat_UA-160231695-1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
date: Sat, 10 Sep 2022 22:32:30 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673856; includeSubDomains
content-length: 64632
X-Firefox-Spdy: h2
sadgssefeseses343262.safsasae.repl.co/sw.js
34.149.204.188404 Not Found 538 B URL HTTP/2 sadgssefeseses343262.safsasae.repl.co/sw.js
IP 34.149.204.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0d4305f941d59b8c89aa19467d9e9b0e
6bc54fc89c8975bd42219584d98754b65d8fd895
2d002435be4a8b4235e5c1e717ea2552a9b170fe1640652b08d44b5a870b96cb
Analyzer Verdict Alert openphish Banco Ciudad
fortinet Phishing
GET /sw.js HTTP/1.1
Host: sadgssefeseses343262.safsasae.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _ga=GA1.3.461780171.1662849140; _gid=GA1.3.669074430.1662849140; _gat_UA-160231695-1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Sat, 10 Sep 2022 22:32:31 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7673855; includeSubDomains
content-length: 538
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 045a93da6b2907ab9f68c0deb6939fd5
4c845f9d29a0864712af67a81fdcd730b3b9e8e7
017d42ee99ce9890fa6283a82236cfc88112ccac1abdf8130eb51361bb421f5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:31 GMT
Server: ECS (amb/6BC3)
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 22:32:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 22:32:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 22:32:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 22:32:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F811981ca-4b3f-4f29-af80-fe3d2cd10dcc.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F811981ca-4b3f-4f29-af80-fe3d2cd10dcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d7f23ba6ae7c64ba15b344a073722bc
7e0ea8123a7fc1629ef72534112905cc635b0e25
060b7282494cbccf9ab058ef9996f823445f3edaddaec36df1a710330c2cd2f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F811981ca-4b3f-4f29-af80-fe3d2cd10dcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6843
x-amzn-requestid: 1ebc1cef-617c-4673-9b3f-e09ea2da82d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k-HeYIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4a62b8435cd69f0329a3ba2d;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HTRFsmiL_0OOz2z3cP9ZL7aK2XYEAxxfysmZT0mYs3GreMfbOb9_Cw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:54:59 GMT
age: 2252
etag: "7e0ea8123a7fc1629ef72534112905cc635b0e25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47ae5cf125ce99bad80c283de8a85cec
0c0c1f84d8693d0c150c97faed21204622d48132
95f5b8cddbfcdb2b6105ed5a0d5ff0dd86390839e5df7416d4f879d69fcf20c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6269
x-amzn-requestid: 8f3cabdd-78c3-47d2-841b-02b674a79123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FSCoAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4b44c935456026ba700a5759;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3lrbjYxWvd1Cm5rO-XAy1tCULAXdaeVZJAPCImd9GqQC7uZ3r3TxeA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:28 GMT
age: 2763
etag: "0c0c1f84d8693d0c150c97faed21204622d48132"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnkjEbkwVPPR1stEuMkkuFcQ4WZMDjsuYKA46ZcxejvotwfCG6huhQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:03 GMT
age: 2968
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de6622cfd812509b317913e1a5e9cfc8
84e4a39c92ab111cc1072f898990cea6b05da6cf
6d41b564c2e15215d05ba74ba2ae08abf74f6aef9e58e808d31afc6d1ba123af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9319
x-amzn-requestid: 44d731e9-1da0-4ad0-9fbb-1b170fac3bf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxaFtpIAMFWAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2e155359546dae806f6dbfe2;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cZslQ5Qc4PPIlpAtmGVbfr3NaPybUWZMJBz_pCrXkCSSq6hUztXVjA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:01 GMT
age: 3090
etag: "84e4a39c92ab111cc1072f898990cea6b05da6cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 2965
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3d502ae36e6befb4862e4f51e4402508
70dc535f21e0bad88a78f9fdccab78e876ec1e16
981ce7c841761fc436e949ef05a9f7ff985859d22ed92481aacc7407268fa9d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4175
Cache-Control: max-age=134424
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:31 GMT
Etag: "631c6a48-1d7"
Expires: Mon, 12 Sep 2022 11:52:55 GMT
Last-Modified: Sat, 10 Sep 2022 10:43:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bd16c51d8e4853d6ee542d2ec9fb22
a9f77626875d68e1aea2516f78d491eba9969e37
b360c3c9fa12dc4f57fdbfc88fe820ecee1c049f2d43f44cd38b740513d8e9f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10298
x-amzn-requestid: f2e2d57b-1f6f-401a-bf0d-ca5c05dd5e59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-nmHBKIAMFrZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184496-52d1369463143fc94894e347;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:13:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xW7Lli2tEVlm-nAL_JANbf0u4uZcPpslrE3rd2rWPoj_af_2WpiJ8Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:01 GMT
age: 3090
etag: "a9f77626875d68e1aea2516f78d491eba9969e37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 65e1eceb9aec890186a6d4ef49061bfe
b8f77b945b35b5848b5dbc690889c1bbd85b4027
4343547f3142c56311738aef0e27fdf463dd27370324a2d1c670f127b9c5c2c8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 38
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 22:32:31 GMT
Last-Modified: Sat, 10 Sep 2022 22:31:53 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
analytics.redlink.com.ar/hblogin/p1.htm?url=https://sadgssefeseses343262.safsasae.repl.co/index3.html
45.233.68.25302 Redirect 155 B URL HTTP/1.1 analytics.redlink.com.ar/hblogin/p1.htm?url=https://sadgssefeseses343262.safsasae.repl.co/index3.html
IP 45.233.68.25:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96a3c98889299dc742cef1e3f837f6d7
5f279dcb9db73fb8b9aa6e4a96ed58559b095aef
de7b0fd139bd0be08cca4b3a25ec21f201959df8acfa555df1e01251276076fa
GET /hblogin/p1.htm?url=https://sadgssefeseses343262.safsasae.repl.co/index3.html HTTP/1.1
Host: analytics.redlink.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sadgssefeseses343262.safsasae.repl.co
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://analytics.redlink.com.ar
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sat, 10 Sep 2022 22:32:31 GMT
Content-Length: 155
analytics.redlink.com.ar/
45.233.68.25200 OK 246 B URL HTTP/1.1 analytics.redlink.com.ar/
IP 45.233.68.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash aac68c3f2973ae6bcf1e154e6bb4ff98
0ca9c79f5f9aef9d79220f109f634c1bc50c05d0
774185757f47228d9b59ce512424a72614e1ffb88e4bc0a9a38141a318021cf1
GET / HTTP/1.1
Host: analytics.redlink.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sadgssefeseses343262.safsasae.repl.co
Referer: https://sadgssefeseses343262.safsasae.repl.co/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 09 Oct 2015 19:27:42 GMT
Accept-Ranges: bytes
ETag: "0b291c82d11:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sat, 10 Sep 2022 22:32:31 GMT
Content-Length: 246
hb.bancociudad.com.ar/assets/favicon.png
45.233.70.123200 OK 8.9 kB URL HTTP/1.1 hb.bancociudad.com.ar/assets/favicon.png
IP 45.233.70.123:0
File type PNG image data, 322 x 322, 8-bit/color RGBA, non-interlaced\012- data
Hash 25a9870ada58fd297d30493deb73dc07
5621be8ef54b0aa4e108ff9a43c2f51900e7c33d
2bdf4ac46b037d1abce919e168a390a071fd0c32542b116cf6826ea26e6eab1b
GET /assets/favicon.png HTTP/1.1
Host: hb.bancociudad.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadgssefeseses343262.safsasae.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 22:32:32 GMT
Content-Type: image/png
Content-Length: 8925
Last-Modified: Thu, 08 Sep 2022 03:12:23 GMT
Connection: keep-alive
ETag: "63195d97-22dd"
Expires: Mon, 10 Oct 2022 22:32:32 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: TS01fe601c=016e5a5cb00b92c897ba5ef39a14be62480d8bbe271028ed27853f968a7c29ac55a4f6bd82728763949c4c7b53f358014848f921c0; Path=/; Domain=.hb.bancociudad.com.ar