r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5558
Expires: Thu, 30 Mar 2023 14:58:52 GMT
Date: Thu, 30 Mar 2023 13:26:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6413
Expires: Thu, 30 Mar 2023 15:13:07 GMT
Date: Thu, 30 Mar 2023 13:26:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17572
Expires: Thu, 30 Mar 2023 18:19:06 GMT
Date: Thu, 30 Mar 2023 13:26:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 13:16:04 GMT
content-type: application/json
age: 610
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qdX1Zkg0Cl7z8wtWq88/njo57PGYYrfBm25f7aHjE/g+RdkyIm2bZg5J2UpyqUPiq6pYZKSwpOazHSN9pg3vZA==
x-amz-request-id: 3X9Y361V96KAVZB7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 12:33:40 GMT
age: 3154
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.oxi50.com.co/xtl/bas3-x.php
200 OK 2.6 kB URL HTTP/1.1 www.oxi50.com.co/xtl/bas3-x.php
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4356), with CRLF line terminators
Hash 814b8bf39d24849378b3260b8c03105e
f132874f9f660a9862757e49ae57f45a35c80c40
f4bd09c936e742303ebcb9edee0d691ea1027661e916cd5123d1063eaed03c7a
Analyzer Verdict Alert openphish Microsoft OneDrive
fortinet Phishing
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /xtl/bas3-x.php HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2566
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 13:26:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.oxi50.com.co/xtl/js/query-3.1.1.min.js
404 Not Found 278 B URL HTTP/1.1 www.oxi50.com.co/xtl/js/query-3.1.1.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a846c6e070b9d5929ba91f8d8e30225
273d5c6e83e2b71c2b8257e945dd17fed0267c5c
59e603cb8fa9854cc624344f8a5f4a8f47f012ca28dcd1bbb330410d1e52d8ff
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/query-3.1.1.min.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 13:26:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 278
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.oxi50.com.co/xtl/js/umd/popper.min.js
404 Not Found 278 B URL HTTP/1.1 www.oxi50.com.co/xtl/js/umd/popper.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a846c6e070b9d5929ba91f8d8e30225
273d5c6e83e2b71c2b8257e945dd17fed0267c5c
59e603cb8fa9854cc624344f8a5f4a8f47f012ca28dcd1bbb330410d1e52d8ff
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/umd/popper.min.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 278
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.oxi50.com.co/xtl/js/bootstrap.min.js
200 OK 13 kB URL HTTP/1.1 www.oxi50.com.co/xtl/js/bootstrap.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (48664)
Hash d98cccfb9b89091fe42a0fa94083b07c
0d9a5dd0d65305186508b41ccd0075b2f6880389
9db75ee7822d0f0bea3137e023ed756f6f47922700ebfae6dc8707471380526b
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/bootstrap.min.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:27:06 GMT
ETag: "bf30-5f6baa7f8be80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13105
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Thu, 30 Mar 2023 14:16:17 GMT
Date: Thu, 30 Mar 2023 13:26:15 GMT
Connection: keep-alive
www.oxi50.com.co/xtl/js/jquery-3.2.1.slim.min.js
200 OK 24 kB URL HTTP/1.1 www.oxi50.com.co/xtl/js/jquery-3.2.1.slim.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32012)
Hash dc0bf00aeb1a779f32f19afff9b4cf3d
7c8e4975083d5c441cfb378e8b0dc06f225ec40e
266c0d20858896958f814f393ec8c8a032d02db4cdeb601c68566dc7f3bd1366
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:27:38 GMT
ETag: "10fdd-5f6baa9e10680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23898
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.oxi50.com.co/xtl/js/jquery.min.js
200 OK 30 kB URL HTTP/1.1 www.oxi50.com.co/xtl/js/jquery.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32065)
Hash 6dbec7b4e518958353337d8d21b5fda3
e9f54533f95314c6e30d659fc970051eb15451f5
03878c0bca35ec2a9f240eb0bcad7596f9d4549bc4efc5e18436ea4fb14acad3
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/jquery.min.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:28:26 GMT
ETag: "14e4a-5f6baacbd7280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29822
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.oxi50.com.co/xtl/js/585b051251.js
200 OK 4.0 kB URL HTTP/1.1 www.oxi50.com.co/xtl/js/585b051251.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (10598)
Hash d9132561d4743c45cab7051950cd90b5
3f8f1c37f075018d2f83975be7522e362bda44a1
3dfab2270f88923535cf2a61e225a43564a9a92a7585ae044f9de6aea8a8aa00
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/585b051251.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 21 Mar 2023 13:41:10 GMT
ETag: "2b16-5f769323c6980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4019
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 13:17:26 GMT
age: 529
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.oxi50.com.co/xtl/css/bootstrap.min.css
200 OK 21 kB URL HTTP/1.1 www.oxi50.com.co/xtl/css/bootstrap.min.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65325)
Hash ba8944a1bc1f34593e69ebc891c12426
a30a994228bf594d1dda6754fff0e9a69efe8026
9340ba11edb902965c4418b16c657856bae3308705da60a5db551a16dee552f0
GET /xtl/css/bootstrap.min.css HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:27:20 GMT
ETag: "235ed-5f6baa8ce5e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20560
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.oxi50.com.co/xtl/js/jquery-3.3.1.js
200 OK 81 kB URL HTTP/1.1 www.oxi50.com.co/xtl/js/jquery-3.3.1.js
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d83f7ae2a4c7a54c51f0c8115be3693c
20ce0dc0fd5ad1e8d7e63fe2e82f768d114d6d28
f46031fa942d4bca7817bd272c34f183105972324aecf6e749d9b2c21755261e
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/jquery-3.3.1.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:27:30 GMT
ETag: "42587-5f6baa966f480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FdmD7BlQ8ZIX5D6iTfcOHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jp9fSwILf52cSWGZRabNOQyzZNQ=
Date: Thu, 30 Mar 2023 13:26:15 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.oxi50.com.co/xtl/js/query-3.1.1.min.js
404 Not Found 278 B URL HTTP/1.1 www.oxi50.com.co/xtl/js/query-3.1.1.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a846c6e070b9d5929ba91f8d8e30225
273d5c6e83e2b71c2b8257e945dd17fed0267c5c
59e603cb8fa9854cc624344f8a5f4a8f47f012ca28dcd1bbb330410d1e52d8ff
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/query-3.1.1.min.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 278
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.oxi50.com.co/xtl/bas3-x.php
200 OK 2.6 kB URL HTTP/1.1 www.oxi50.com.co/xtl/bas3-x.php
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4356), with CRLF line terminators
Hash 814b8bf39d24849378b3260b8c03105e
f132874f9f660a9862757e49ae57f45a35c80c40
f4bd09c936e742303ebcb9edee0d691ea1027661e916cd5123d1063eaed03c7a
Analyzer Verdict Alert openphish Microsoft OneDrive
fortinet Phishing
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /xtl/bas3-x.php HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2566
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.oxi50.com.co/xtl/img/onedrivei.jpg
200 OK 15 kB URL HTTP/1.1 www.oxi50.com.co/xtl/img/onedrivei.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 300 x 189, 8-bit/color RGBA, non-interlaced\012- data
Hash 038183a1bc5dc6bffad412edfe09c2e4
06594be36a2070c11bd57b8d8fee478d893b660d
047cd04c0bf47796870a485d672f90f6b4ec54203957cd520022b46130102a46
GET /xtl/img/onedrivei.jpg HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:39:12 GMT
ETag: "39b9-5f6bad33ea000"
Accept-Ranges: bytes
Content-Length: 14777
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.oxi50.com.co/xtl/img/X088l0D.png
200 OK 6.7 kB URL HTTP/1.1 www.oxi50.com.co/xtl/img/X088l0D.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data
Hash c27ae9aa732191f42fbc6400aadaad64
47e0c8f1db3c9f392605fae4736029b59242c69f
8e20009cccb8d6669b5a182a8c4bd12041308470aee71e6a340f28434acc6842
GET /xtl/img/X088l0D.png HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:26:30 GMT
ETag: "1a3e-5f6baa5d36d80"
Accept-Ranges: bytes
Content-Length: 6718
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.oxi50.com.co/xtl/img/nGnvFyB.png
200 OK 771 B URL HTTP/1.1 www.oxi50.com.co/xtl/img/nGnvFyB.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash c3fc46c5799c76f9107504028f39190f
519096ad3f03410cf9ce3c9b9fcca6b439d97b23
57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
GET /xtl/img/nGnvFyB.png HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:26:16 GMT
ETag: "303-5f6baa4fdce00"
Accept-Ranges: bytes
Content-Length: 771
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.oxi50.com.co/xtl/img/S8OpPkm.png
200 OK 2.5 kB URL HTTP/1.1 www.oxi50.com.co/xtl/img/S8OpPkm.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced\012- data
Hash aa7424f2d196945c16dff98b944dff49
eba125e94eab917d7a96c8709784bb0aee9a4111
79d91df9b3aa71e68a430047436f9cbf33e3effd51e16fb569ee61e6a7036ea4
GET /xtl/img/S8OpPkm.png HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:26:04 GMT
ETag: "9e3-5f6baa446b300"
Accept-Ranges: bytes
Content-Length: 2531
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.oxi50.com.co/xtl/js/umd/popper.min.js
404 Not Found 278 B URL HTTP/1.1 www.oxi50.com.co/xtl/js/umd/popper.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a846c6e070b9d5929ba91f8d8e30225
273d5c6e83e2b71c2b8257e945dd17fed0267c5c
59e603cb8fa9854cc624344f8a5f4a8f47f012ca28dcd1bbb330410d1e52d8ff
Analyzer Verdict Alert fortinet Phishing
GET /xtl/js/umd/popper.min.js HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 404 Not Found
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 278
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.oxi50.com.co/xtl/bas3-x.php
200 OK 2.6 kB URL HTTP/1.1 www.oxi50.com.co/xtl/bas3-x.php
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4356), with CRLF line terminators
Hash 814b8bf39d24849378b3260b8c03105e
f132874f9f660a9862757e49ae57f45a35c80c40
f4bd09c936e742303ebcb9edee0d691ea1027661e916cd5123d1063eaed03c7a
Analyzer Verdict Alert openphish Microsoft OneDrive
fortinet Phishing
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /xtl/bas3-x.php HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2566
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.oxi50.com.co/xtl/img/FOmubyh.png
200 OK 403 kB URL HTTP/1.1 www.oxi50.com.co/xtl/img/FOmubyh.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1608 x 974, 8-bit/color RGBA, non-interlaced\012- data
Size 403 kB (403397 bytes)
Hash d5a6fe32cd3c481b564cb5c146f06a2b
2105a2607a5c89bcd554bace9fb1dc41bced22ce
8c2a0bafc34c3331ffd56ddfc759c7f7d98184f836a94942b7af461cff6e0afe
GET /xtl/img/FOmubyh.png HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 12 Mar 2023 21:24:40 GMT
ETag: "627c5-5f6ba9f44f600"
Accept-Ranges: bytes
Content-Length: 403397
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.oxi50.com.co/favicon.ico
302 Found 0 B URL HTTP/1.1 www.oxi50.com.co/favicon.ico
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.oxi50.com.co/xtl/bas3-x.php
HTTP/1.1 302 Found
Date: Thu, 30 Mar 2023 13:26:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Link: <https://oxi50.com.co/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://oxi50.com.co/wp-content/uploads/2021/05/cropped-oxi50-2-32x32.png
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4bfd6e8a619cfae391735d01cc120e25
00a82e978f5465a9bbb7ea7da812b98bb14f6a29
699b3d1e1846aee16def6c898344ee27378caecf61421a5a698a7cd83f6ce8ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "699B3D1E1846AEE16DEF6C898344EE27378CAECF61421A5A698A7CD83F6CE8FF"
Last-Modified: Thu, 30 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7981
Expires: Thu, 30 Mar 2023 15:39:17 GMT
Date: Thu, 30 Mar 2023 13:26:16 GMT
Connection: keep-alive
oxi50.com.co/wp-content/uploads/2021/05/cropped-oxi50-2-32x32.png
200 OK 1.7 kB URL HTTP/1.1 oxi50.com.co/wp-content/uploads/2021/05/cropped-oxi50-2-32x32.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 131a4bc1c8009721faddeac8bf55b01c
95501adea5dffeca5bbd002db1e8fb5dfde8206e
9ed06e5b6d49e6cc34c7ea75bb75f7aafb8f1ad47722689e3dddb1fcce0f9e2d
GET /wp-content/uploads/2021/05/cropped-oxi50-2-32x32.png HTTP/1.1
Host: oxi50.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.oxi50.com.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 13:26:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 27 May 2021 13:38:31 GMT
ETag: "694-5c34fdff96857"
Accept-Ranges: bytes
Content-Length: 1684
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7643
Expires: Thu, 30 Mar 2023 15:33:39 GMT
Date: Thu, 30 Mar 2023 13:26:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7643
Expires: Thu, 30 Mar 2023 15:33:39 GMT
Date: Thu, 30 Mar 2023 13:26:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7643
Expires: Thu, 30 Mar 2023 15:33:39 GMT
Date: Thu, 30 Mar 2023 13:26:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7643
Expires: Thu, 30 Mar 2023 15:33:39 GMT
Date: Thu, 30 Mar 2023 13:26:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7643
Expires: Thu, 30 Mar 2023 15:33:39 GMT
Date: Thu, 30 Mar 2023 13:26:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c71571a378e261334e5acb723634ab
f1234c280364b6fe1dcf9c6c64edadc235108c4b
97544d600ab1ae204b169c3b7ba2a74df689b6c711a003d72f0934165d8a3e25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5395
x-amzn-requestid: ff3218dc-8754-4568-8e42-0885cb7e5d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA0BFYNoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7f-127129cf3776a60c333d205c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: fuA8SDAQ_x_o-yVDQ8_j62FOzcHxGxc6su8QmqMl-sJFc9SImy7ucA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:55:44 GMT
age: 55832
etag: "f1234c280364b6fe1dcf9c6c64edadc235108c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2eee1403498bff1763a8bc833dfeeb41
bff603c1941f0bc9dfcd4ae51af3334ff7529be4
2dab005f05aa5142ad2d132f40a5fb2b3cad7e1c82c936808c30f060eea3846e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11548
x-amzn-requestid: 7695d327-93ba-4079-a512-6adfc7e3a2d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAymEfnoAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-66e22a7d1d7cad675b9cdf27;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YDfuRMv16MCODBqpZY9Fh1sW7r0oIuwhIID1gdjVZeyJnlHHZM4ASQ==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:52:21 GMT
age: 56035
etag: "bff603c1941f0bc9dfcd4ae51af3334ff7529be4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db24198518d1a093c5c03e92e53925a2
288898a60e0a029946e7d770d2b0c64b6f3bf51d
4a15da439fa1a3ccdd3d329f250bacaab581287183293c4e367b05c2a83eb66d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12233
x-amzn-requestid: 781fd422-c720-49d7-bc90-6f8b18751caf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAynHgNoAMFvCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-5327bf334c985816289507b9;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nwdrJGU7u4C_ZtSQkSASfZ2qj8a31rIr87g_K8YvrrsoVN5yeN8CRQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:52:11 GMT
age: 56045
etag: "288898a60e0a029946e7d770d2b0c64b6f3bf51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:48:07 GMT
age: 56289
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e919c2-25ed-4248-87bf-1a37b955c8fd.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e919c2-25ed-4248-87bf-1a37b955c8fd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5fa6813496b7225a394a7b3f1beb49
3e48b96eb1cb0e57fb184810d0c4a46984b1c4f0
f47cca3d35642d45b802c7c37ce3743970a1f45da0c1e22a1fd812ccef739ab5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e919c2-25ed-4248-87bf-1a37b955c8fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6617
x-amzn-requestid: 8f0b0658-5987-471d-807c-3d96c80af4c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA50EXcIAMFfIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424aea4-287d80435637d86b08dc8d2f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: n_1KTGqnUuxYTK_61aIHqCiMA4aJtr5ZWF7Xi9F9VK_stZnsUiEQFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:53:17 GMT
age: 55979
etag: "3e48b96eb1cb0e57fb184810d0c4a46984b1c4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 11:37:45 GMT
age: 6511
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
IP
GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.oxi50.com.co/
Origin: http://www.oxi50.com.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 30 Mar 2023 13:26:15 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24639548230786af4bba1a9e26c6080e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: V3duCzugqNVn_u-topFu0wvCDkGo0QpeqO8l1k5fR_aWMUtzCa6egg==
age: 8699
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFF2NtyMGuU51t%2B203prxmaGSliXs0NvA5f%2F4yFTniyf%2BJTgegqJ6FshMK4fgj%2Be8UrIVZy%2Bdym%2F%2FDkO4nOZlt5sU79O15WYHWPK9veC6b55qHa63XpX4tXFNuqgwKo2TuB8WpkmlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b00aeeba9f723ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
IP
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.oxi50.com.co/
Origin: http://www.oxi50.com.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 30 Mar 2023 13:26:15 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: KS4NLAsMS_iJyF9_FZkG5Shu2bQPkLArJ1eukw9ah-Sb8hcIM4fSkw==
age: 885
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fnx4kvCNfOIIazhz5EU8kLLkT0SqJv5Rmj70p4bO0BNiXP%2BQPMB%2Bn6fC3aqR%2FT6BdTfGaf5KdeAo%2Fdr0QHGpRRDnEtFC%2FIIP%2Bn7pwvk3dmdsDvicCaA1kyMlzRv4nTS07R8fn5Y3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b00aeeba9f923ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
142.93.205.209
95.101.11.115