urlquery - report: 000000web.repl.co/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.pki.goog (3)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
ipinfo.io (1)	8136	2016-08-10 14:14:24 UTC	2022-11-17 17:07:05 UTC	34.117.59.81
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
api.ipify.org (1)	3267	2015-05-03 03:57:18 UTC	2020-03-11 13:27:58 UTC	3.220.57.224
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-17 05:55:20 UTC	34.117.237.239
ajax.googleapis.com (1)	12905	2013-08-16 09:51:31 UTC	2022-11-17 17:36:15 UTC	142.250.74.170
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.70.239.215
r3.o.lencr.org (7)	344	No data	No data	23.36.76.226
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
000000web.repl.co (15)	0	2022-08-10 14:36:06 UTC	2022-11-17 19:18:17 UTC	34.149.204.188	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-17 05:55:30 UTC	34.102.187.140

Scan Date	Severity	Indicator	Comment
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia
2022-11-10	2	000000web.repl.co/	Banco Galicia

Scan Date	Severity	Indicator	Comment
2022-11-17	2	000000web.repl.co/	Phishing
2022-11-17	2	000000web.repl.co/	Phishing
2022-11-17	2	000000web.repl.co/js/FrontFunctions.min.js	Phishing
2022-11-17	2	000000web.repl.co/js/sax.js	Phishing
2022-11-17	2	000000web.repl.co/js/sharedout	Phishing
2022-11-17	2	000000web.repl.co/css/Inter-Regular.woff2	Phishing
2022-11-17	2	000000web.repl.co/img/logo.svg	Phishing
2022-11-17	2	000000web.repl.co/css/fontawesome-webfont.woff2	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-08 18:55:57 +0000	0 - 2 - 0	pixelwood.maddoxmoss1.repl.co/	34.149.204.188
2023-02-08 15:38:09 +0000	0 - 0 - 3	deviceverifgenerialscotiak.gustavonavarro7.re (...)	34.149.204.188
2023-02-08 14:26:44 +0000	0 - 0 - 2	bankslipe-paymentsnotificationssecured.babylo (...)	34.149.204.188
2023-02-08 05:24:44 +0000	0 - 0 - 24	bancavirtual34.repl.co/formsecurity.php	34.149.204.188
2023-02-08 05:24:37 +0000	0 - 0 - 24	bancavirtual34.bancavirtual34.repl.co/formsec (...)	34.149.204.188

Date	UQ / IDS / BL	URL	IP
2023-02-08 20:33:48 +0000	0 - 0 - 2	zyd20027.submittrk2.com/	34.78.252.25
2023-02-08 20:23:07 +0000	0 - 2 - 5	sitimerlo.blogspot.com/	216.58.207.193
2023-02-08 20:22:56 +0000	0 - 2 - 0	r17---sn-axq7sn7e.gvt1.com/edgedl/android/stu (...)	74.125.163.35
2023-02-08 20:15:07 +0000	0 - 20 - 56	www.newsandpromotions.com/tracking/8279	35.227.209.77
2023-02-08 20:01:50 +0000	0 - 0 - 1	email.mail.usbfund.com/c/eJxNkNGKwyAQRb8mvrXo (...)	34.127.83.42

Date	UQ / IDS / BL	URL	IP
2022-11-18 23:01:25 +0000	17 - 0 - 23	000000web.repl.co/	34.149.204.188
2022-11-18 23:01:21 +0000	17 - 0 - 23	000000web.repl.co/	34.149.204.188
2022-11-17 22:40:49 +0000	17 - 0 - 23	000000web.repl.co/	34.149.204.188
2022-11-11 07:52:43 +0000	8 - 0 - 23	000000web.repl.co/	34.149.204.188
2022-11-10 14:42:45 +0000	8 - 0 - 8	000000web.repl.co/	34.149.204.188

Date	UQ / IDS / BL	URL	IP
2023-01-16 07:01:31 +0000	28 - 1 - 14	bienvenidoshome2.rockbros.repl.co/	34.149.204.188
2023-01-16 07:01:14 +0000	28 - 1 - 9	b914a98d-ff15-47c8-8861-87c3495c8510.id.repl.co/	34.149.204.188
2023-01-16 07:00:55 +0000	28 - 1 - 14	bienvenidoshome2--rockbros.repl.co/	34.149.204.188
2023-01-15 22:53:11 +0000	28 - 1 - 9	bienvenidoshome2--rockbros.repl.co/	34.149.204.188
2023-01-15 22:40:24 +0000	28 - 1 - 0	bienvenidoshome2.rockbros.repl.co/	34.149.204.188

HTTP Transactions (43)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD" Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5137 Expires: Fri, 18 Nov 2022 00:06:14 GMT Date: Thu, 17 Nov 2022 22:40:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d27590a1d3cbe1e9632b8ae92aaae3f4 Sha1: 202b34e8a0c3b88c8826fd56c6227b34f2cd6f46 Sha256: 6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4493 Cache-Control: max-age=133539 Date: Thu, 17 Nov 2022 22:40:37 GMT Etag: "63760d7b-1d7" Expires: Sat, 19 Nov 2022 11:46:16 GMT Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: be1be806b5dca7facbb45a6c3db44652 Sha1: 7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4 Sha256: 1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6654 Expires: Fri, 18 Nov 2022 00:31:31 GMT Date: Thu, 17 Nov 2022 22:40:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3a38b6dd8a4cc335c026aebf2ed348b6 Sha1: 8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8 Sha256: 8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
GET / HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 000000web.repl.co/ FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 9979dbd51b7af160f959184f40319f034f20de4e8333a9a1b78d68eb04d19158 34.149.204.188 HTTP/1.1 308 Permanent Redirect Content-Type: text/html; charset=utf-8 Location: https://000000web.repl.co/ Replit-Cluster: global Date: Thu, 17 Nov 2022 22:40:37 GMT Content-Length: 62 Via: 1.1 google --- Additional Info --- Magic: HTML document, ASCII text Size: 62 Md5: 65fe05ca95494ff692bed4e5f4367c5f Sha1: 3aaf2fd6914962c72ca5611c3e5f4a924ed08ce1 Sha256: 9979dbd51b7af160f959184f40319f034f20de4e8333a9a1b78d68eb04d19158 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: U1gPDKE/5PKWBG5suvnhHyKNokqGJ/5HNoBScZvg1lNMympizux6RDJ++8Srm4wC3x0xbmqV8cE= x-amz-request-id: CF0HNYXQXSE8NBMQ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 17 Nov 2022 22:15:19 GMT age: 1518 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 17 Nov 2022 21:44:57 GMT cache-control: public,max-age=3600 age: 3340 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 17 Nov 2022 22:40:37 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 8e00b0a1568374a44af7696a0c311e1bcf15e1b042bdd8c1f2daa68d060428ed 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8E00B0A1568374A44AF7696A0C311E1BCF15E1B042BDD8C1F2DAA68D060428ED" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15481 Expires: Fri, 18 Nov 2022 02:58:38 GMT Date: Thu, 17 Nov 2022 22:40:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 43b7a62eceeac2d7338b571c803d2a39 Sha1: 321408ad01aac2945a9c822576e69fc755b4faee Sha256: 8e00b0a1568374a44af7696a0c311e1bcf15e1b042bdd8c1f2daa68d060428ed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 17 Nov 2022 21:44:49 GMT cache-control: public,max-age=3600 age: 3348 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET / HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: 000000web.repl.co/ FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 3fd614996a7c916323bed855b465d05c14783dfc2ad0e5ec3339ed42e07ade9d 34.149.204.188 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 18900 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1162) Size: 18900 Md5: 45ea9f82c6d01c82488ff0f136f81c7c Sha1: 657a7bc937081167ec1f63658c68ae40eb948182 Sha256: 3fd614996a7c916323bed855b465d05c14783dfc2ad0e5ec3339ed42e07ade9d Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 17cae43cd454fc69beff944925994d2810f859261cd40bfa58d573163a40b23c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 17 Nov 2022 22:40:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9e20a99f56d244cd43bd10781eb8e1d8 Sha1: 000f6ecfc6a9412d2e062028ee553801f573fd92 Sha256: 17cae43cd454fc69beff944925994d2810f859261cd40bfa58d573163a40b23c
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.170 HASH: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f 142.250.74.170 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 11 Nov 2022 08:46:23 GMT expires: Sat, 11 Nov 2023 08:46:23 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT age: 568454 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4075 Cache-Control: max-age=128053 Date: Thu, 17 Nov 2022 22:40:37 GMT Etag: "6375f9af-1d7" Expires: Sat, 19 Nov 2022 10:14:50 GMT Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c10055ce87434f700ff8b20e3be1f919 Sha1: 477b3c9f1da0c464282bb54572737e76b6e346da Sha256: 4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 17cae43cd454fc69beff944925994d2810f859261cd40bfa58d573163a40b23c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 17 Nov 2022 22:40:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9e20a99f56d244cd43bd10781eb8e1d8 Sha1: 000f6ecfc6a9412d2e062028ee553801f573fd92 Sha256: 17cae43cd454fc69beff944925994d2810f859261cd40bfa58d573163a40b23c
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Y8njsZHQdoFMvI+pw2/t0w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.70.239.215 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.70.239.215 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: dNwKUwO5cBaLrCSaDfKm7S3OX0A= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/bootstrap.min.css HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/css/bootstrap.min.css FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763 34.149.204.188 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 123758 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65371) Size: 123758 Md5: 65d518a9dc19eee2880f149ad8696734 Sha1: 473bab8d212a1f5f374dd5fcf66c9882ea0625d2 Sha256: 38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia
GET /css/keyboard.css HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/css/keyboard.css FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85 34.149.204.188 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 492 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 492 Md5: cde47bbdcc48b7a1883bfa6ff9461e1b Sha1: df0ffcc2e83ba3da25ffdb9e4dfe70165e1f34a8 Sha256: 612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia
GET /css/simple-keyboard.css HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/css/simple-keyboard.css FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233 34.149.204.188 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 2790 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 2790 Md5: 7ac8b1ce1d4560506b4ddaace5546637 Sha1: ec9cf772f643b3583aa07012f94715a4c55c22ed Sha256: c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia
GET /css/customcarousel.min.css HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/css/customcarousel.min.css FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad 34.149.204.188 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 1949 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1920) Size: 1949 Md5: 507cddc424365cfc443858856b1747fa Sha1: 74f55054e13021d5b5c6331778e42dc42c80d6d4 Sha256: f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia
GET /js/FrontFunctions.min.js HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/js/FrontFunctions.min.js FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 3f961962dc4471c881dd809308411177f1201cc7cb7691b24c9bd66bcfde5722 34.149.204.188 HTTP/2 200 OK content-type: application/javascript date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 28367 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (28360), with no line terminators Size: 28367 Md5: 5bc5d136b360c62c02758fe9d962c6d9 Sha1: df943c76f1da2e164f98d6d538d32ef5b767d9a0 Sha256: 3f961962dc4471c881dd809308411177f1201cc7cb7691b24c9bd66bcfde5722 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
GET /js/sax.js HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/js/sax.js FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 20361e123a8c6923957448d5eb0aa350e4bab384a4be0427354e813013a98261 34.149.204.188 HTTP/2 200 OK content-type: application/javascript date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 1197 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 1197 Md5: f574386444479518b2c629df208f90fc Sha1: 7c8f9e2ddda8adf28d41b9478dcc1590b83dea50 Sha256: 20361e123a8c6923957448d5eb0aa350e4bab384a4be0427354e813013a98261 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
GET /js/sharedout HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/js/sharedout FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395 34.149.204.188 HTTP/2 200 OK content-type: text/plain; charset=utf-8 date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 386613 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65435), with no line terminators Size: 386613 Md5: 9861fa51e74a108f05a388c4bc7547ec Sha1: 6227ce8903aafc40485e4adda69f945bcd25ed4e Sha256: c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
GET /css/default.min.css HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/css/default.min.css FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 1812800491c1e3b4f00d80b9396bea9d435b2d45e27bd82794bc8bcac7e184f7 34.149.204.188 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Thu, 17 Nov 2022 22:40:37 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785366; includeSubDomains content-length: 1324122 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (414) Size: 1324122 Md5: 05adbbb97ae6353c3bae73c2d1deadfc Sha1: 7b79ef7154c636e20aa576e92be8289bdc154527 Sha256: 1812800491c1e3b4f00d80b9396bea9d435b2d45e27bd82794bc8bcac7e184f7 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia
GET /css/Inter-Regular.woff2 HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://000000web.repl.co/css/default.min.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/css/Inter-Regular.woff2 FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720 34.149.204.188 HTTP/2 200 OK content-type: font/woff2 date: Thu, 17 Nov 2022 22:40:38 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785365; includeSubDomains content-length: 89212 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 89212, version 1.0\012- data Size: 89212 Md5: bffaed793493dc46bf0789e2275909ac Sha1: 21178040c070176c06653b76d42b1e19810c2df0 Sha256: 77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
GET /img/logo.svg HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/css/default.min.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/img/logo.svg FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: b4ff0e55e735bcecbe65b3d851306ed458d3ef865d108b74dbc107ead609a17a 34.149.204.188 HTTP/2 200 OK content-type: image/svg+xml date: Thu, 17 Nov 2022 22:40:38 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785365; includeSubDomains content-length: 5199 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 5199 Md5: 8a2cc43860537affd5c0a21c0f111f32 Sha1: ccf94df7487d8132a3c5ce7657810d52ce7fbd8c Sha256: b4ff0e55e735bcecbe65b3d851306ed458d3ef865d108b74dbc107ead609a17a Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
POST /s/gts1d4/8zRofmzdPas HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1d4/8zRofmzdPas FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 979f61e419f0aa2157056295c2731fe3a357f6ebb66036673b122d99c46d670c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 17 Nov 2022 22:40:38 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: db8ede8c7a6e401e9a70d71bdbf7900c Sha1: 38fc5475cc52302140267768c417b1296f06432e Sha256: 979f61e419f0aa2157056295c2731fe3a357f6ebb66036673b122d99c46d670c
GET /img/102-sin-titulo-Victoria-Salvay.jpg HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/css/default.min.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/img/102-sin-titulo-Victoria-Salvay.jpg FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: e9b32b1507d91d5e4268e15e3f1618e6597e79cbe347eedd09dd919dc6e72b99 34.149.204.188 HTTP/2 200 OK content-type: image/jpeg date: Thu, 17 Nov 2022 22:40:38 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785365; includeSubDomains content-length: 127504 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, progressive, precision 8, 1000x1309, components 3\012- data Size: 127504 Md5: f05fb7e2a994d69e32213449546c417f Sha1: e0cf6c4a33cbbef420ceda8db3e28c3b654ddad2 Sha256: e9b32b1507d91d5e4268e15e3f1618e6597e79cbe347eedd09dd919dc6e72b99 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia
GET /css/fontawesome-webfont.woff2 HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://000000web.repl.co/css/default.min.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/css/fontawesome-webfont.woff2 FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe 34.149.204.188 HTTP/2 200 OK content-type: font/woff2 date: Thu, 17 Nov 2022 22:40:38 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785365; includeSubDomains content-length: 77160 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Size: 77160 Md5: af7ae505a9eed503f8b8e6982036873e Sha1: d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia - fortinet: Phishing
GET / HTTP/1.1 Host: ipinfo.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://000000web.repl.co Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: ipinfo.io/ FQDN: ipinfo.io IP: 34.117.59.81 HASH: e505b5489c9ebd0b78af54e00f78972f37c8b39771c27db9127f1b3832476b9e 34.117.59.81 HTTP/2 200 OK content-type: application/json; charset=utf-8 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin date: Thu, 17 Nov 2022 22:40:39 GMT x-envoy-upstream-service-time: 2 strict-transport-security: max-age=2592000; includeSubDomains vary: Accept-Encoding content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 685 Md5: db5a52a36934854fc24af96fcb9625d1 Sha1: e19e2aa259638b42b37b95cbfaa2e890a611f86e Sha256: e505b5489c9ebd0b78af54e00f78972f37c8b39771c27db9127f1b3832476b9e
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: ffd0dccd3d676f0493e1d25a0cc2a1e6ab13709f4767a19f005977f5e3c4a9c4 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 17 Nov 2022 22:40:39 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 16 Nov 2022 21:46:09 GMT Expires: Wed, 23 Nov 2022 21:46:08 GMT Etag: "6668bf41259656e89039002b6841b83dd6db7235" Cache-Control: max-age=514528,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76bbf824686ffabc-OSL --- Additional Info --- Magic: data Size: 472 Md5: 2534a74beecacec78077a266e7869546 Sha1: 6668bf41259656e89039002b6841b83dd6db7235 Sha256: ffd0dccd3d676f0493e1d25a0cc2a1e6ab13709f4767a19f005977f5e3c4a9c4
GET /img/favicon.ico HTTP/1.1 Host: 000000web.repl.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 000000web.repl.co/img/favicon.ico FQDN: 000000web.repl.co IP: 34.149.204.188 HASH: f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03 34.149.204.188 HTTP/2 200 OK content-type: image/x-icon date: Thu, 17 Nov 2022 22:40:39 GMT expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster: global strict-transport-security: max-age=5785364; includeSubDomains content-length: 1559 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 1559 Md5: b700b544f2fa87e37e6b728fef00fcb0 Sha1: c0735fa743392c2f3032c22d241854b88832cdb7 Sha256: f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03 Alerts: urlquery: - Phishing - Galicia Blocklists: - openphish: Banco Galicia
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9401 Expires: Fri, 18 Nov 2022 01:17:20 GMT Date: Thu, 17 Nov 2022 22:40:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 17af07b019100dc8adb529ce85f827bd Sha1: 602adaa722e9a3ee89600ebe40cea7033c435483 Sha256: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9401 Expires: Fri, 18 Nov 2022 01:17:20 GMT Date: Thu, 17 Nov 2022 22:40:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 17af07b019100dc8adb529ce85f827bd Sha1: 602adaa722e9a3ee89600ebe40cea7033c435483 Sha256: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9401 Expires: Fri, 18 Nov 2022 01:17:20 GMT Date: Thu, 17 Nov 2022 22:40:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 17af07b019100dc8adb529ce85f827bd Sha1: 602adaa722e9a3ee89600ebe40cea7033c435483 Sha256: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9401 Expires: Fri, 18 Nov 2022 01:17:20 GMT Date: Thu, 17 Nov 2022 22:40:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 17af07b019100dc8adb529ce85f827bd Sha1: 602adaa722e9a3ee89600ebe40cea7033c435483 Sha256: aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb30d05c7-3d7a-4a88-a222-4412f1b83897.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f478959aeb876f93f784194e56a9e3964cdb02465b203c4640a2bbb386689e1b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6972 x-amzn-requestid: a51fcd41-d047-4aa6-b917-e8d1c1f846ef x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw9VvEnHoAMF3rg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376a8f1-7cac67d1723387c40d1af743;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:41 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: zThnBpkUmGgiJR-VL7RoAXg5P42LaLa5URs-4Fpt_sRwGtun82VOxQ== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:18:12 GMT age: 1347 etag: "e0c4d9f0a3dd1fa6a9c4f43106b316e9154bebee" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6972 Md5: 3b0ef860a3b4eed3cf0fdca6e9a52b78 Sha1: e0c4d9f0a3dd1fa6a9c4f43106b316e9154bebee Sha256: f478959aeb876f93f784194e56a9e3964cdb02465b203c4640a2bbb386689e1b
GET /?format=json HTTP/1.1 Host: api.ipify.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://000000web.repl.co Connection: keep-alive Referer: https://000000web.repl.co/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: api.ipify.org/?format=json FQDN: api.ipify.org IP: 3.220.57.224 HASH: 5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65 3.220.57.224 HTTP/1.1 200 OK Content-Type: application/json Server: Cowboy Connection: keep-alive Access-Control-Allow-Origin: https://000000web.repl.co Vary: Origin Date: Thu, 17 Nov 2022 22:40:39 GMT Content-Length: 21 Via: 1.1 vegur --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 21 Md5: 7d69c71af0f191e9a72db6153f8018d1 Sha1: f67c5f2887bc05654b47f76e9621e53a4091aed1 Sha256: 5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d44c091-52da-4eae-8a5b-f376d6b63e56.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ff5dba7f1d84eccd80258c32d63c7898c675bda09de0d15b00c7d99c3878c8fc 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7231 x-amzn-requestid: eeaebeae-e22f-4a56-9dcf-c358ca2f4417 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw9VlEHDoAMFVZA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376a8f0-7d3531e827495676679b1c83;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:40 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: pzqmjsJGnpPXoGyqNH92ncZunc-iuH9U62BlQWJZhig5rw5RBjgQvw== via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:08:13 GMT age: 1946 etag: "5f17669b66ddc31ab9e0f34a67c4fec78fc481d1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7231 Md5: ce1e042758fce03f4a8397f95b1ce5db Sha1: 5f17669b66ddc31ab9e0f34a67c4fec78fc481d1 Sha256: ff5dba7f1d84eccd80258c32d63c7898c675bda09de0d15b00c7d99c3878c8fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8884 x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-MiGFxoAMFlxA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw== via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:08:13 GMT age: 1946 etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8884 Md5: 14649d486602810c1b218b96b27b2cc4 Sha1: 96c6cbfe31e7247c64dfa8c3759967627f8c6286 Sha256: 80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11667 x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bjyD1HE-oAMF0QQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0 x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 5zDWKjYmvVLCemXw5Swm2qkhw1mQtD5c07Fl7Krydo_XR5FFyHDu4Q== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 07:15:37 GMT age: 55502 etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11667 Md5: 032386e5c9dffff1ba1ee5e8a322d438 Sha1: dd4fd6c803a9b333bace9a541c6bd183d0c56bb9 Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7631 x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-vQE0XoAMFS3w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:24:12 GMT age: 987 etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7631 Md5: b2b393e36ee2c9649d90db136aa49542 Sha1: e88c5832ff0c49bab181d948c3a510d88343bb6f Sha256: 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44ba3263-9329-4559-836c-276171e025ed.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b3f4c1825d35cae0c3a5f4de5ea26a9175a4ae03b16738e909353365acd3a73b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6637 x-amzn-requestid: b821413a-b325-40bb-9b89-30707f71e661 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-7vETlIAMFTMQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376ab7e-1f1856e545d5c6521385a4de;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT x-amz-cf-pop: SFO5-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: xe8OcDgFv6akQwAdoXVtB6Dp288li05jmMJlshlERoQeENkABsmDRQ== via: 1.1 b04d82bf2bc15ab146955a862be263f0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:24:12 GMT etag: "218a3019acb40a251de89c66b42cba265f4554e8" age: 987 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6637 Md5: 86031fc92c8180ae6e705b264f22a3db Sha1: 218a3019acb40a251de89c66b42cba265f4554e8 Sha256: b3f4c1825d35cae0c3a5f4de5ea26a9175a4ae03b16738e909353365acd3a73b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10281 x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-77EWaIAMF3WA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: Xbau-BXu_W5Hu8QaCg3tvwfYMb_8L8F_muNp4gVukeNTmiDW4BAXhA== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:24:03 GMT age: 1003 etag: "90a146aef85765630a5e09e46a0a8682e204bec1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10281 Md5: 35da1192dcadc6e329a9e60c16904301 Sha1: 90a146aef85765630a5e09e46a0a8682e204bec1 Sha256: 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad

URL	000000web.repl.co/
IP	34.149.204.188 (United States)
ASN	#15169 GOOGLE
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-17 22:40:49 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	23
urlquery alerts	17 Phishing - Galicia Phishing - Galicia
Tags	None

Overview

Domain Summary (13)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.149.204.188

Last 5 reports on ASN: GOOGLE

Last 5 reports on domain: 000000web.repl.co

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Overview

Domain Summary (13)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.149.204.188

Last 5 reports on ASN: GOOGLE

Last 5 reports on domain: 000000web.repl.co

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Network Intrusion Detection Systems