Overview

URL vlidainfobanc.winuserfonbanco.repl.co/
IP34.149.204.188
ASNGOOGLE
Location United States
Report completed2022-09-26 09:08:03 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
2022-09-25 2 vlidainfobanc.winuserfonbanco.repl.co/ Bancolombia
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/ Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/js/jquery-1.10.1.js.descarga Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/js/sax.js Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/js/jquery.validate-1.11.1.js.descarga Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/js/bootstrap.js.descarga Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/js/bluebird.min.js.descarga Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/js/jquery-ui.js.descarga Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/login_SVP_BC_zonaA.html Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/img/logo.svg Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/css/OpenSans-Regular.ttf Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/css/CIBFontSans-Light.ttf Phishing
2022-09-26 2 vlidainfobanc.winuserfonbanco.repl.co/css/icon_font_bc.ttf?61jkgi Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (13)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-26 04:51:20 UTC 143.204.55.35
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.76.226
mnemonic passive DNS vlidainfobanc.winuserfonbanco.repl.co (19) 0 2022-09-25 18:21:19 UTC 2022-09-26 03:35:14 UTC 34.149.204.188 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:12:35 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-26 04:12:21 UTC 93.184.220.29
mnemonic passive DNS ipinfo.io (1) 8136 2015-02-06 06:58:53 UTC 2022-09-26 01:55:29 UTC 34.117.59.81
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 04:11:51 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 143.204.55.49
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-26 06:39:49 UTC 142.250.74.42
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 52.38.146.2
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-26 04:57:46 UTC 172.64.155.188
mnemonic passive DNS api.ipify.org (1) 3267 2014-10-27 13:09:35 UTC 2022-09-25 05:28:22 UTC 54.91.59.199


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.149.204.188

Date UQ / IDS / BL URL IP
2022-12-09 13:23:33 +0000
0 - 0 - 3 infoseguridad.nacion1.repl.co/xzlaveco/login.php 34.149.204.188
2022-12-09 13:23:15 +0000
0 - 0 - 3 infoseguridad.nacion1.repl.co/ 34.149.204.188
2022-12-09 12:45:18 +0000
0 - 0 - 6 pyinthehouse.staccato22.repl.co/ 34.149.204.188
2022-12-09 12:16:52 +0000
0 - 0 - 32 cuentasegura002.movilseguro.repl.co/ 34.149.204.188
2022-12-09 08:31:46 +0000
0 - 0 - 5 contestoweb.com/ 34.149.204.188

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-09 19:12:14 +0000
0 - 0 - 3 yspics.blogspot.nl/2012/08/blog-post_6163.html 172.217.21.161
2022-12-09 19:10:31 +0000
0 - 0 - 2 frentecomuncubano.blogspot.com/search/label/P (...) 172.217.21.161
2022-12-09 18:58:59 +0000
0 - 0 - 3 35.227.234.222/2/PU_BE_SB_DT_KINDRED_DUTCH_2 35.227.234.222
2022-12-09 18:58:39 +0000
0 - 0 - 4 slimauto-blhonbkub.blogspot.com/ 142.250.74.33
2022-12-09 18:56:17 +0000
0 - 0 - 0 ibx2.net/ibx/rd2/ce9nmchds03pfi46vr10/?x2=wwo (...) 34.111.8.32

Last 1 reports on domain: winuserfonbanco.repl.co

Date UQ / IDS / BL URL IP
2022-09-26 09:08:03 +0000
0 - 0 - 31 vlidainfobanc.winuserfonbanco.repl.co/ 34.149.204.188

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-22 02:23:30 +0000
19 - 0 - 0 officialburlywoodlifecycle.agdf262asdfas.repl.co/ 34.149.204.188
2022-11-20 00:43:00 +0000
17 - 0 - 0 seashellpleasantbacktick.alehuofb.repl.co/ 34.149.204.188
2022-11-16 14:54:58 +0000
20 - 0 - 31 sucursalvirtualban.bancolombia928.repl.co/ 34.149.204.188
2022-11-16 14:16:18 +0000
21 - 0 - 31 bancolombiasucursalvirtualpersona.bancolombia (...) 34.149.204.188
2022-11-15 20:47:49 +0000
21 - 0 - 31 sucursalvirtualpersonas.bancolombia2227.repl.co/ 34.149.204.188


JavaScript

Executed Scripts (15)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (45)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 08:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1WRRhs-EysKc-GKuzTy5Ba6tuw-kMp7OetxVvXxmqysinkjMXM9eEg==
Age: 3154


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5IXBZ5aZVfqd4MPh_V-uHnW0ZrpjZPoTxo5hDDfJ_HtvHiOXDwsy8g==
age: 16358
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Mon, 26 Sep 2022 11:47:14 GMT
Date: Mon, 26 Sep 2022 09:07:53 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 09:07:53 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D1B6624C1D5BEF8203C16673DFDE9E5E451E4782D11F22990636C6BC5E8FF00A"
Last-Modified: Sun, 25 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20008
Expires: Mon, 26 Sep 2022 14:41:21 GMT
Date: Mon, 26 Sep 2022 09:07:53 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 15198
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (412)
Size:   15198
Md5:    9ce673485f88a7c5aa8557f9befa0a5b
Sha1:   033a8abc728623ba05f3bbe09eb911f201d7d5c7
Sha256: ba2aa33b55767eb30254012bc128baaa6e46b6b82441d4fce26b9563175c7a3f

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 08:10:46 GMT
Expires: Mon, 26 Sep 2022 08:18:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _BGr4J5074RYzVktxrBE3MqqUrb9kYx7i61i3jpvNV_AneKfBxDiRA==
Age: 3427


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 09:07:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 13:30:59 GMT
expires: Fri, 22 Sep 2023 13:30:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 329814
last-modified: Fri, 08 May 2020 07:05:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   31021
Md5:    903bc7a7e510f87aa5d0201eb59a0832
Sha1:   ac9aa4dd94cde1bcba9037e94087138b127e41fc
Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 09:07:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1176
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 09:07:53 GMT
Last-Modified: Mon, 26 Sep 2022 08:48:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css/styles.css HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 107183
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (360)
Size:   107183
Md5:    6294f17112e15fd32e7de5b41c38d820
Sha1:   395091333aa8b811e38558065dffe38c8ae89455
Sha256: e7d6f96db1d2dc802487291efac1742134517cdf56a7121ab0dd38dbe3a2195d

Alerts:
  Blocklists:
    - openphish: Bancolombia
                                        
                                            GET /js/jquery-1.10.1.js.descarga HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 145858
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1618)
Size:   145858
Md5:    43ab7751f1e8455471908c97a5977a6a
Sha1:   84ac89e3f5529b2a8f45032bd421d192b6b466ed
Sha256: 751bcbcd434089a9b12e9339a1891607ee99659ae3a674a6709e9a74dab21cd1

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /js/sax.js HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 1056
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1056
Md5:    768c49e5ed143bfd1a962623cfd7f996
Sha1:   4a883ca5e681801db7064a53d9391d0b348fd0d9
Sha256: 6f8f1c90c2a46da51875f3ab89194adfbe441281b2c5af2570d9c9ca6f3804d7

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /css/ui.css HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 13483
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   13483
Md5:    fc4114c8fc5f70052eb79403116ba4c1
Sha1:   803d15f0eeb878417048c8fc28db4c53bec0f2ed
Sha256: 0265a31c7bea01a32328e09245aad8cf38ba3316a13e93080697b35e338f35b4

Alerts:
  Blocklists:
    - openphish: Bancolombia
                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 121294
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (540)
Size:   121294
Md5:    7fd1c4d3b601350f212dfa209134f45c
Sha1:   06a81c158674832ff7b0a377f83d48360a6c3dcf
Sha256: 40bbcf961798bbca588379db5479b0f1ca48f252e37c7b1c255736849859eb9a

Alerts:
  Blocklists:
    - openphish: Bancolombia
                                        
                                            GET /js/jquery.validate-1.11.1.js.descarga HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 26459
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2795)
Size:   26459
Md5:    ea15990a79091cfec6b371194c3d26dc
Sha1:   a5790e56d3ea1fb17ccc4d069dbba0781b35f055
Sha256: 23df149b107329b3e406b0f70b5e1bdf2455f7f4ee4e90b00e0dbfcf773e98a1

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /css/jquery-ui.css HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 31880
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1363)
Size:   31880
Md5:    2b936d08a6d742e862a089716f02d90d
Sha1:   6afd4058ec593fbca3c56a423c24a3c47eb87171
Sha256: c9eeb55f7cf16683b871600ce998b61b1031629097be96069d5741f33adaf6d1

Alerts:
  Blocklists:
    - openphish: Bancolombia
                                        
                                            GET /js/bootstrap.js.descarga HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 36250
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (415)
Size:   36250
Md5:    ac685232d37fd9ea8e5adec8ea2964e0
Sha1:   4a60cb8af1fc731ef2f578773ae67aaaac959a7f
Sha256: a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /js/bluebird.min.js.descarga HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 79546
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32137), with escape sequences
Size:   79546
Md5:    5f381fc63d93a438adaca9c43041efb6
Sha1:   3d186ac6d244691754303d3153839bf42b57f7d1
Sha256: fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /js/jquery-ui.js.descarga HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 26 Sep 2022 09:07:53 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709386; includeSubDomains
content-length: 228478
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32555)
Size:   228478
Md5:    12a65fcb49c314e8dbbcf8d090d26b8a
Sha1:   679dc5cc110ee2c7b083cf52541544c01efea018
Sha256: 8072615124c5bc2634fdecc09485c8b645c78ea27c212c3d61b80c26112bdcb8

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JajDKnuoudQhEAggdlV7iA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4HIvtah2fnnuinIsgydp/CAlQuo=

                                        
                                            GET /login_SVP_BC_zonaA.html HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 249
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   249
Md5:    d0a1f34c3f8293fad9b7e17979426429
Sha1:   a5103466544c36f3afea8c76d10a332f54c9d217
Sha256: 9e9d9a915dbcbc56387a8cccd4e33a8b52ab110d1d3c5e91b194aadaff9b88e8

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /img/logo.svg HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 7020
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (667)
Size:   7020
Md5:    c049dccd21049cb237daabdb645ec648
Sha1:   e29af3f65a8312efd3ea4c3b66d4bd86657dde1b
Sha256: 2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /img/icon-user.png HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 447
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size:   447
Md5:    0e3457ed5ea858d1e9287ef66dcbbfe4
Sha1:   006c99b62e141ebbc69f6e06cab757995d3f7417
Sha256: 75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83

Alerts:
  Blocklists:
    - openphish: Bancolombia
                                        
                                            GET /css/OpenSans-Regular.ttf HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: font/ttf
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 217276
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Size:   217276
Md5:    d7d5d4588a9f50c99264bc12e4892a7c
Sha1:   513966e260bb7610d47b2329dba194143831893e
Sha256: 13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /css/CIBFontSans-Light.ttf HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: font/ttf
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 110612
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved.\011CIBFont SansLight1.300;UKWN;CIBFont\012- data
Size:   110612
Md5:    69096387df83ff65381f8ee25006b0aa
Sha1:   89689ed7f7547a3815d9fa2d0a2c11513480086e
Sha256: decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            GET /css/icon_font_bc.ttf?61jkgi HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: font/ttf
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 31976
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icon_font_bc\012- data
Size:   31976
Md5:    8c9559a3d94688605d1d5e1cf68d5ae0
Sha1:   5c2b8fb865aefcc42f119542faa12bcaeaefbb3a
Sha256: ad0f43b7fd52d2f1574ba930c85ce401f95d69e21ad997ffe8e7ad98fec2ffda

Alerts:
  Blocklists:
    - openphish: Bancolombia
    - fortinet: Phishing
                                        
                                            POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 09:07:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/imgPublicidad.png HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/login_SVP_BC_zonaA.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 48266
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 627 x 327, 8-bit colormap, non-interlaced\012- data
Size:   48266
Md5:    855d465dd78b97b629cb716e2249b0af
Sha1:   32839205ed2ec2901b5a0ebcc6560774ad10114d
Sha256: d02b76ee6198664bc9217a1bd9e08541a05ff4ce35509c1b15130c84bd391edd

Alerts:
  Blocklists:
    - openphish: Bancolombia
                                        
                                            GET /img/favicon.ico HTTP/1.1 
Host: vlidainfobanc.winuserfonbanco.repl.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.149.204.188
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Mon, 26 Sep 2022 09:07:54 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=7709385; includeSubDomains
content-length: 4286
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    ffa4717e6a1e77411c637682fafb79d2
Sha1:   05bdd644d747fedee3bf37fe38facd6a66263468
Sha256: a7e42a9339ffbd5cad9f2d63bbd050fc3c518219117b7852153c165e246eb406

Alerts:
  Blocklists:
    - openphish: Bancolombia
                                        
                                            POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 09:07:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 09:07:55 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 09:46:09 GMT
Expires: Sun, 02 Oct 2022 09:46:08 GMT
Etag: "defbd633a54f929ea0ab343e754904a8c126f544"
Cache-Control: max-age=520092,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750ada198e920b3d-OSL

                                        
                                            GET /?format=json HTTP/1.1 
Host: api.ipify.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vlidainfobanc.winuserfonbanco.repl.co
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.91.59.199
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://vlidainfobanc.winuserfonbanco.repl.co
Vary: Origin
Date: Mon, 26 Sep 2022 09:07:55 GMT
Content-Length: 21
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   21
Md5:    7d69c71af0f191e9a72db6153f8018d1
Sha1:   f67c5f2887bc05654b47f76e9621e53a4091aed1
Sha256: 5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12837
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 09:07:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12837
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 09:07:55 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: ipinfo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vlidainfobanc.winuserfonbanco.repl.co
Connection: keep-alive
Referer: https://vlidainfobanc.winuserfonbanco.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.59.81
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Mon, 26 Sep 2022 09:07:54 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12837
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 09:07:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12837
Expires: Mon, 26 Sep 2022 12:41:52 GMT
Date: Mon, 26 Sep 2022 09:07:55 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 41420
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 40743
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5980
Md5:    ef17205adb2b478d3bff54b048208d22
Sha1:   12aac1bd22e675f09a220de08b4656e801c2e647
Sha256: 620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8703b7f0-bb10-4a43-a50f-a8a5c8857499.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10045
x-amzn-requestid: a01e6cef-fe8f-498c-aa68-2603a66b1121
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvwHPwoAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-1a4405e54c54eccb4f0846a2;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wSP8BShuQVtS8IAsX0iih-Du6JSFbzSFB3gQZwpugD51A6xWTD3PpA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 40743
etag: "c529507a70247c7e03c849c3ff45f93eada6f0c4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10045
Md5:    38f828e3aa86057cc3b686ca9d4accc5
Sha1:   c529507a70247c7e03c849c3ff45f93eada6f0c4
Sha256: 76016d51352ff6a8372b92206119d88747600874ecee5315573ca4e539e03c6f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7998
x-amzn-requestid: beedf4d8-29c0-43c6-92d0-40af6b9ee9f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTibE5LoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cc75-1be97f2a525b9a5e3146d4be;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:47:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: i8BwIohBNqfEavPXBqSWshg7G-WF9UkBBScnDcyH4qEYV9TzreLXWA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:03:29 GMT
age: 39866
etag: "5c4ee294c98e8fc9312a7d481b6ec165494cf852"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7998
Md5:    27d324b1fb661c318aced98468501b3c
Sha1:   5c4ee294c98e8fc9312a7d481b6ec165494cf852
Sha256: 937296b5da48df0495ebd0cb3509b7c00059725c00c5b97f475ba2382a0e5437
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:28:23 GMT
age: 38372
etag: "36310320605833289e78cd248c45915363a0a0c3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6443
Md5:    3a75be68e82e6a0ba74932fbe74c7b30
Sha1:   36310320605833289e78cd248c45915363a0a0c3
Sha256: 56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2719e8b8-4e41-4309-8ca2-8780fbed9e48.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15624
x-amzn-requestid: 966db920-27f5-496f-8aea-4e0628e6dc7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhF3xIAMFzaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-1f62801d573715e14518564c;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LH8Nx22zSbIDy8OoiC6xx7Mxfz6je1pmA2u9tqsLTtCiAyvjyVnq0g==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 39637
etag: "5df91bc07da358644dc16e12f509ee364ec17bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15624
Md5:    1823d1bb11ceec44419af17b32275cb5
Sha1:   5df91bc07da358644dc16e12f509ee364ec17bcb
Sha256: f7aa5f13f0d469d4ffe569b2c21cb599a9c70c490caa31e0e83c36fe2dd49a8b