Report - webmail.centralmedicard.com.br/

Report Overview

Submitted URL
webmail.centralmedicard.com.br/
IP
172.67.161.83
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-18 05:33:16
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Webmail

Detections

urlquery
1
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.9 kB	34.160.144.191
webmail.centralmedicard.com.br	unknown	2019-07-08T05:57:11Z	2022-11-18T06:33:05Z	5.8 kB	388 kB	172.67.161.83
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.162.142.194
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	56 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	webmail.centralmedicard.com.br/program/js/jquery.min.js?s=1612812585	90 kB	2023-03-07	2024-04-16
Pretty URL webmail.centralmedicard.com.br/program/js/jquery.min.js?s=1612812585 IP 172.67.161.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-04-16 17:37:19 Times Seen481 Hash 80d6b39faaf27486264ff13531191401 03e255f1f19107a46b09da332347baa25231fc22 542ac2738d21d5ea4a39cd05efc447c3b5ca553f212f1bff44215d3f5f007a6f Loading...

	webmail.centralmedicard.com.br/program/js/jstz.min.js?s=1612812585	14 kB	2023-03-07	2024-04-16
Pretty URL webmail.centralmedicard.com.br/program/js/jstz.min.js?s=1612812585 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-04-16 17:37:19 Times Seen574 Hash b5ee3ce2023c717fff34cfe5d3b82599 36f532887c2bf6bc7bdd06e68e96eafe2051a5f7 716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a Loading...

	webmail.centralmedicard.com.br/	2.1 kB	2023-03-11	2023-03-11
Pretty URL webmail.centralmedicard.com.br/ IP 172.67.161.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:49:23 Last Seen2023-03-11 13:49:23 Times Seen1 Hash abf4e5642c75a770e80c75387a1f7a2f ca68e04cbd50cb02df4f39107b9863102649f7f6 d4e74102ae189bcc70072be3d8f15f32b0de16d643e34c7007774a1dc1073fb3 Loading...

	webmail.centralmedicard.com.br/skins/elastic/deps/bootstrap.bundle.min.js?s=1612812589	79 kB	2023-03-07	2024-04-16
Pretty URL webmail.centralmedicard.com.br/skins/elastic/deps/bootstrap.bundle.min.js?s=1612812589 IP 172.67.161.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:50 Last Seen2024-04-16 17:37:19 Times Seen443 Hash a187431872552aacc1d4df6a65638f6a b61a4dc554a133bc455c09713a464ffea357643f 3e735a9880bf0bf27c32641063cccc60d93c53a7a77306dd6221f3db3c57ea20 Loading...

	webmail.centralmedicard.com.br/	35 B	2023-03-07	2024-03-16
Pretty URL webmail.centralmedicard.com.br/ IP 172.67.161.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:00 Last Seen2024-03-16 05:33:41 Times Seen80 Hash d0c5b963f8165f56493874746adedf97 e09c78d91814eebbd23a7080b6e90e06f4c84de1 1a1f1580c0b8e2a2101cf9e01c596bcee15c2e38657b69ec8bd9ee4a526fd168 Loading...

	webmail.centralmedicard.com.br/program/js/common.min.js?s=1612812581	13 kB	2023-03-07	2024-04-16
Pretty URL webmail.centralmedicard.com.br/program/js/common.min.js?s=1612812581 IP 172.67.161.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-04-16 17:37:19 Times Seen188 Hash a2fcf18b8b93b2acca79230ccf53c80c a5efb30a6cd0cce7f94d0a73f3a5d2b558e34e61 6001e5503f42285de39e5ef3e276eec34a9fe1e71d3160a5aacb7b6516bee642 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 06:02:59 Times Seen36928389 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	webmail.centralmedicard.com.br/skins/elastic/ui.min.js?s=1612812581	60 kB	2023-03-07	2024-02-29
Pretty URL webmail.centralmedicard.com.br/skins/elastic/ui.min.js?s=1612812581 IP 172.67.161.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-02-29 16:55:38 Times Seen127 Hash ed8f1b2feecfe213230d84f5415cde21 99359abc4e7d9ae6c755d496b0278e5b20a08335 946b68ba501a99378a0f240b3fbd5e8eb78346fc2013981ca26e51e80f90700f Loading...

	webmail.centralmedicard.com.br/plugins/jqueryui/js/jquery-ui.min.js?s=1612812580	260 kB	2023-03-07	2024-04-16
Pretty URL webmail.centralmedicard.com.br/plugins/jqueryui/js/jquery-ui.min.js?s=1612812580 IP 172.67.161.83 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:24 Last Seen2024-04-16 17:45:13 Times Seen915 Hash fb752c6ba6b88ffa885f1d2a6492ef58 e20616dd323e0313e75de00ac055b7d249cb9056 59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834 Loading...

HTTP Transactions (34)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d27590a1d3cbe1e9632b8ae92aaae3f4 202b34e8a0c3b88c8826fd56c6227b34f2cd6f46 6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD" Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2602 Expires: Fri, 18 Nov 2022 06:16:27 GMT Date: Fri, 18 Nov 2022 05:33:05 GMT Connection: keep-alive`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash be1be806b5dca7facbb45a6c3db44652 7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4 1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2888 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Fri, 18 Nov 2022 05:33:05 GMT Last-Modified: Fri, 18 Nov 2022 04:44:57 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3a38b6dd8a4cc335c026aebf2ed348b6 8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8 8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2236 Expires: Fri, 18 Nov 2022 06:10:21 GMT Date: Fri, 18 Nov 2022 05:33:05 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	34.102.187.140	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash d130218d0e2841f39c99610fe1a2ab90 29fbe1e177ee55c7a61ae0a206afff271cf5f945 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 18 Nov 2022 04:45:00 GMT cache-control: public,max-age=3600 content-type: application/json age: 2885 alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: WmmVFVvIQLifRCSdLCUKKdxeemefhTLOja/IkHaRzRYRe8vhLJ8OoQiNkdIgFwB7u65g8SmUxDVFzR72AETs2w== x-amz-request-id: TX62HB409TZHRSWW content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 18 Nov 2022 04:52:45 GMT age: 2420 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	webmail.centralmedicard.com.br/	172.67.161.83	200 OK	2.1 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/ IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730) Size 2.1 kB (2110 bytes) Hash 68a5b3400c7c5e0a5c8908097ab6c80b d3122a8a7c72d51f5eb26f44cce6aee2adf86664 fa14a71c08f5f8703923d7d79b65402d48979dabcbf23a65ff883bc80a0353f6 HTTP Headers `GET / HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Set-Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f; path=/; HttpOnly Expires: Fri, 18 Nov 2022 05:33:11 GMT Last-Modified: Fri, 18 Nov 2022 05:33:11 GMT Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-Frame-Options: sameorigin Content-Language: en CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mySdQVHNiyMPLaZoMXhUkKN2G0lbCxShEtD4d2whtL7hkruM3V%2FyQkjtL1dfU%2BQd%2FNoWZ4dZ7rV7NnA03KQeaGlBVW74IM4xwMXNzwOZW0RzloUa3xpHwVBw0Ij6XGms9oxhqXHJYk2oZHYZYK%2BUQao%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be544c3d13b500-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 18 Nov 2022 05:33:05 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	webmail.centralmedicard.com.br/skins/elastic/styles/styles.css?s=1612812581	172.67.161.83	200 OK	20 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/styles/styles.css?s=1612812581 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65536), with no line terminators Size 20 kB (19669 bytes) Hash 0929e305d883db6c2e7599c4473048b2 0afd715ad146c70da737664f1894aa3ed799893c 39dab33d622afe8cbfc608c933f4fca254eb1c71acb3a59a872b4ec0780f9cab HTTP Headers `GET /skins/elastic/styles/styles.css?s=1612812581 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: W/"60219125-194ab" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1NxacZ%2ByKhfffeqbhBsqrSDoNorldpE8hGVlUzkDPOGsLz%2Fq8tBSR5vz8GGmOnMfvmWv9uE1nX76DXF8lHdGpll%2BAGZ%2FLVWv0cox3Tp088f4kEVCpodX6e9qZqiDfrwSU5GQGcjl1A6AoCh%2BPtRNSw%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be544f8e40b517-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/program/js/common.min.js?s=1612812581	172.67.161.83	200 OK	4.9 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/program/js/common.min.js?s=1612812581 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (1379) Size 4.9 kB (4901 bytes) Hash 8f5d362a3e4ea105dca2d80a5070985f 793be6dac85b1626b7f70b57e589b7f619da2fc2 aa8e630c2af6600421825fbf2fdc5e5175016af2ccc04d43422b64240bc08c65 HTTP Headers `GET /program/js/common.min.js?s=1612812581 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: W/"60219125-3382" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYnZUx15%2BULuxC%2Blbs1u2WojNMKtvMG7%2F4n4Ze%2F9MXh929%2F%2Bd4KndIc6z%2B%2BVmYuRMMwJ4VEST1C1vSYkhelDURxzuUFoav0tBmhsjtr7hSl0Hu7K5dR8un%2BoJcqbhIjilbCPhHJptW%2Bf%2FGT8XwtJRX4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be544f88f21c16-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1612812580	172.67.161.83	200 OK	8.2 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1612812580 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (2515) Size 8.2 kB (8167 bytes) Hash 9ce00d4d50732af6f4e2be15e8490bcd 8fc9892e415a8b56610acf16d93d0c8dbee1ad08 706393d0ed90d7557a83a0613999fb4811b7f1a67d861363791f43dff9ff8c0a HTTP Headers `GET /plugins/jqueryui/themes/elastic/jquery-ui.css?s=1612812580 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:40 GMT ETag: W/"60219124-858e" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4dePSU1rpjy6Ep2da8omwjR3jHr%2BlEJOCJ6ftFTy3ILNjbAXPTd%2BdWnCViWYK1FuilW4rKMmM1hq0Je5nEljLk6pIZuzeznNdVg%2Ff89uE8DNyGbgtO2uzgxdYWpYvVmp63h8CNI%2BZ%2FJ1b15%2FUr6GGE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be544f8897b4fd-OSL alt-svc: h2=":443"; ma=60

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	34.102.187.140	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 18 Nov 2022 04:44:49 GMT cache-control: public,max-age=3600 age: 2897 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json alt-svc: clear X-Firefox-Spdy: h2

	webmail.centralmedicard.com.br/skins/elastic/deps/bootstrap.min.css?s=1612812589	172.67.161.83	200 OK	23 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/deps/bootstrap.min.css?s=1612812589 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65324) Size 23 kB (23053 bytes) Hash 23b8f9a2e65f834ebbd981dfb65919a8 2326779e90de75eaaebd7d3d3248bfc5957a7bba 5a4f237ae5be3fc9ead2a5218f376a25fcc455f5c2d69b1e77d0c0e48acbf94f HTTP Headers `GET /skins/elastic/deps/bootstrap.min.css?s=1612812589 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:49 GMT ETag: W/"6021912d-26041" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lz2DTpXQ%2BGpBm2Q63gqF3qqIrt%2FqM%2Fj0QeXbjqtoFuRPG0gwEccOsu8B8GZm4pHpWa03pg7%2BNoPb%2BLE1xG7CjIkYTk35mEGtYvJ6RAQ6GQU18xRGGGIAmzv0ouNyb6fiwLOB1nd4hbdX6Kt8IoSNU%2BI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be544f7f73b500-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/program/js/jquery.min.js?s=1612812585	172.67.161.83	200 OK	32 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/program/js/jquery.min.js?s=1612812585 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (64001) Size 32 kB (31521 bytes) Hash 9c3984aa9d77110279cb7e496f56ea56 86f8fa438d31930d54bc9933652bbac6e78332eb 6452217e9119f4a280d5d039dde87b32f7f997381f046447ee5096d853a84ceb HTTP Headers `GET /program/js/jquery.min.js?s=1612812585 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:45 GMT ETag: W/"60219129-15dfb" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gsa0wei8hmNA%2BWoeHGkTGcKupWOeN7p1B0jvTzFixYqnk5jspGhP1LpFLOCCp4%2BJHzrMYsFjoaPEN0%2BE0znAc2Qc2EodCy498Jt2jPAXcY1QoB%2BQDUrWS9T7v575ii2Lkm0IaMjDZkr4UjRIt0cj1ds%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be544f8e44b517-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/program/js/app.min.js?s=1612812581	172.67.161.83	200 OK	49 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/program/js/app.min.js?s=1612812581 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (690) Size 49 kB (49295 bytes) Hash c0103c1489ddef5f7486f403d7745e9c 35d1bcbe04f0a8aa2d46f39697c82f9412a1071d ac531efb51f078d6f7533baec8a7a20ba94df043f62ed1185cf3bd2d2d820c95 HTTP Headers `GET /program/js/app.min.js?s=1612812581 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: W/"60219125-2a0f9" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gduzHCAJnp6Uv9SbVlmSqhcjtFSnodpVC1g2a4GfFTjEFTyzC32P1p75GiwX48GRCSi21VgOE8rIh1ogJBhBaLMCyK0LA058XxZe2j%2Ff%2B3wM3dSmkpcGomP3C6JelewaCrS0hmCfRwDacxzW3yZgjok%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be544f89160afa-OSL alt-svc: h2=":443"; ma=60

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash c10055ce87434f700ff8b20e3be1f919 477b3c9f1da0c464282bb54572737e76b6e346da 4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6040 Cache-Control: max-age=105269 Content-Type: application/ocsp-response Date: Fri, 18 Nov 2022 05:33:06 GMT Etag: "6375f9af-1d7" Expires: Sat, 19 Nov 2022 10:47:35 GMT Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471`

	webmail.centralmedicard.com.br/skins/elastic/deps/bootstrap.bundle.min.js?s=1612812589	172.67.161.83	200 OK	22 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/deps/bootstrap.bundle.min.js?s=1612812589 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65297) Size 22 kB (22283 bytes) Hash 0edb076f4aaf834ac4862b49721e774e 2e6d147b7230a94cf3528ecd62f60901aa8f2e5d 22359c929b51cc3980c4933b91781fe08a1dd347694900c997372083eb57e5cf HTTP Headers `GET /skins/elastic/deps/bootstrap.bundle.min.js?s=1612812589 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:49 GMT ETag: W/"6021912d-132fb" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3aqUYhj26DB2z%2FOvdCukL2ILofp9GcCBJgseXsmN2XfeSvaCUIsY9EN%2BYLMpSa41JY%2B5ALO7uupb6bD0jXoEpZhxeeW4oUezzsB7i8FOdCw76pHEtQKEKqAdOg8emzo5oDHzSFckNPlrUOn5%2BGWKbI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be545139b7b4fd-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/skins/elastic/ui.min.js?s=1612812581	172.67.161.83	200 OK	19 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/ui.min.js?s=1612812581 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (629) Size 19 kB (19436 bytes) Hash dfdf198c4ec3d1187fce59dbb5b575e0 ff8728ea334de1ffef9e5a60a8456e1e22a0d1a8 84ac6940081668848b5f5c4a522bd436d712e924045d3e321c8c56ad575579a8 HTTP Headers `GET /skins/elastic/ui.min.js?s=1612812581 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: W/"60219125-eb97" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owf0gqFI67NtIoT9UqRVhecy1ZP4gnAtSHk%2Flaf67FehemyRKoVoFyVZF6EUvqARpUA1S2heapbVTMgvPZxRozE%2B0FTYJVjOwwajskCVZDIgvoaPSbWG59WawSNWDZ39TbYyL2N0xpt7%2Bh5%2B%2BSdEWXk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be5451f8cbb500-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/plugins/jqueryui/js/jquery-ui.min.js?s=1612812580	172.67.161.83	200 OK	70 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/plugins/jqueryui/js/jquery-ui.min.js?s=1612812580 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (33303) Size 70 kB (69723 bytes) Hash 256c1be2165d503895928d5143392a94 394ff4d29520456cf20481c0deb312c8b670ff97 ac9a951c4cff020939182d759d357fe61745ead9a9fba08d4dc56efce2b10c79 HTTP Headers `GET /plugins/jqueryui/js/jquery-ui.min.js?s=1612812580 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:40 GMT ETag: W/"60219124-3f6c0" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE71mF%2FOECUXXvuLhkl1Zrwq0LrN54%2FwCk%2BEVI2cqeP2LfRmFBRMIVdcc%2F7YiRXhwWpMlLpfU8958%2BX%2FfHndbrzFNpB%2B58WCs9ZgEC5%2Bvs8A%2BlS7iQMpPz4I%2BFoepm3ZKeB%2BlavRQd2iYB7WgnIprIs%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be545139d11c16-OSL alt-svc: h2=":443"; ma=60

	push.services.mozilla.com/	35.162.142.194	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.162.142.194:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: vY1v/QQoYPWkZh6hGQ/ciA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: gt6PXHly7l8JMejzN1OUSVw0PiA=`

	webmail.centralmedicard.com.br/skins/elastic/images/logo.svg?s=1612812581	172.67.161.83	200 OK	401 B
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/images/logo.svg?s=1612812581 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text Size 401 B (401 bytes) Hash 1a1f1facc67be1b5ed81a325902e7ee8 c8c16dfd068ff89f674a9e55472bd19774811f61 402ca16177d0b8e35180c46b82bb01a58638744b4bf102d0182c1d44f71b6416 HTTP Headers `GET /skins/elastic/images/logo.svg?s=1612812581 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:06 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: W/"60219125-378" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 0 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWw0OuadpaYU16hUU663I0XrY9AXTlcqKXRdIExV3jTDUxyxQcOvoCtSPsK6TODsVKwyvXuMjsiXR0MiEmBOPk7Cz8UXCzOQ61%2FgAloadXa7dh3e9Q%2FZ244mn897kEnMuBQfCUnZDO%2FZe1%2B2rVgwYVg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be5455ca18b517-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/skins/elastic/fonts/roboto-v19-regular.woff2	172.67.161.83	200 OK	51 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/fonts/roboto-v19-regular.woff2 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type Web Open Font Format (Version 2), TrueType, length 51116, version 1.0\012- data Size 51 kB (51116 bytes) Hash 9549360090baf2eb8b25d3a9708fc19d 3229ae839d33696d39c89dc0d3e193fe985f1da4 a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f HTTP Headers `GET /skins/elastic/fonts/roboto-v19-regular.woff2 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/skins/elastic/styles/styles.css?s=1612812581 Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:07 GMT Content-Type: application/octet-stream Content-Length: 51116 Connection: keep-alive Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: "60219125-c7ac" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leRtFSeJiWknmfh5lPpcbpRkIDVchNi%2B6Xdpz0hECmWEU%2BR1wjCvYnmErm7VEK0YgMaqxAlXOw20%2FgFHiGvKxU5OvjtVygZYTl6cfUTGJP7AL0feA68A8CDLARxf4uVbWU%2BpmFNWRJcUgTMerN6pvek%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 76be54551b841c16-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/skins/elastic/fonts/fa-solid-900.woff2	172.67.161.83	200 OK	75 kB
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/fonts/fa-solid-900.woff2 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data Size 75 kB (75440 bytes) Hash b5cf8ae26748570d8fb95a47f46b69e1 07bed153d47f9129a944ee54dd72952deed074c8 cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0 HTTP Headers `GET /skins/elastic/fonts/fa-solid-900.woff2 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/skins/elastic/styles/styles.css?s=1612812581 Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:07 GMT Content-Type: application/octet-stream Content-Length: 75440 Connection: keep-alive Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: "60219125-126b0" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dOSr1shjXhypYW4dPxrE7oTvT0JwZgE29SZDuUvuLxVL94hZLivA6R6cAiRW0xS%2BVmvnAyG1ZIfO1CgIiaffGf4IwKiVsWIDrT90BQs18zu2T8nwO1NaGDUpG2oZGMrWBr8RPB%2BVhBGauXnNPwoyu8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 76be545539b7b517-OSL alt-svc: h2=":443"; ma=60

	webmail.centralmedicard.com.br/skins/elastic/images/favicon.ico?s=1612812581	172.67.161.83	200 OK	580 B
URL HTTP/1.1 webmail.centralmedicard.com.br/skins/elastic/images/favicon.ico?s=1612812581 IP 172.67.161.83:0 ASN #13335 CLOUDFLARENET File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 16x16, 32 bits/pixel\012- data Size 580 B (580 bytes) Hash a2f5eb1ca8fb5e35e9168597eacffd52 45d66269c6fdb8908cf9b2e054d3cbba0116164b 663a403f3cb9db936403e655a67f39f4b9b955794315622eeedd3be7d72a7af9 HTTP Headers `GET /skins/elastic/images/favicon.ico?s=1612812581 HTTP/1.1 Host: webmail.centralmedicard.com.br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://webmail.centralmedicard.com.br/ Cookie: roundcube_sessid=8cbsoh96bnfdmt3le5fe2p2b0f` HTTP/1.1 200 OK Date: Fri, 18 Nov 2022 05:33:07 GMT Content-Type: image/x-icon Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Last-Modified: Mon, 08 Feb 2021 19:29:41 GMT ETag: W/"60219125-8f6" Content-Encoding: gzip Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwrmMk71f%2Fedf0EdA1eV6pQwIlacXyGDFbuKLirM6dyQbxgrb2bL5cVS2cpUFD%2Fff9Tq%2FyBLBnTTUat6Yo8o%2F8kSEs0AW3BgCdlZlV6Q6HGEkaawdOWksgBQfzEgFz6SdTpy3hu2ZiOGIn0NHlxjWKE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 76be54581b8ab517-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4192 Expires: Fri, 18 Nov 2022 06:42:59 GMT Date: Fri, 18 Nov 2022 05:33:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4192 Expires: Fri, 18 Nov 2022 06:42:59 GMT Date: Fri, 18 Nov 2022 05:33:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4192 Expires: Fri, 18 Nov 2022 06:42:59 GMT Date: Fri, 18 Nov 2022 05:33:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4192 Expires: Fri, 18 Nov 2022 06:42:59 GMT Date: Fri, 18 Nov 2022 05:33:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747" Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4192 Expires: Fri, 18 Nov 2022 06:42:59 GMT Date: Fri, 18 Nov 2022 05:33:07 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11667 bytes) Hash 032386e5c9dffff1ba1ee5e8a322d438 dd4fd6c803a9b333bace9a541c6bd183d0c56bb9 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11667 x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bqZOIEN7oAMFlaA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0 x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA== via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 18:45:44 GMT age: 38843 etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg	34.120.237.76	200 OK	6.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.3 kB (6339 bytes) Hash 4998f097d23ee5f19cae27d5b938e5fc 4369c8ebe61b9944e639bb2731feb51c5a758fe7 5691c66766c9578e9c4aa71240608653821162c668abc63ee40e553ede2450e0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6339 x-amzn-requestid: 0be5dee5-272d-4577-ba55-5cdb7935ea60 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-MCExBoAMFz6Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376aa4c-15fd613336aa6fcb165d0b26;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:28 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: NYs-Nf0PzWqhXP5nkvanTjhJ6vfwRIU--YD06RFIGPEuwDCu6fvEPg== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 21:52:40 GMT age: 27627 etag: "4369c8ebe61b9944e639bb2731feb51c5a758fe7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10281 bytes) Hash 35da1192dcadc6e329a9e60c16904301 90a146aef85765630a5e09e46a0a8682e204bec1 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10281 x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-77EWaIAMF3WA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 48wUhxwMgsEj2J01EWOTCfWLNZPwFrjjXd6V_uSp8yae4YtGTTVlxA== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:14:12 GMT age: 26335 etag: "90a146aef85765630a5e09e46a0a8682e204bec1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10349 bytes) Hash 7d16e5ff718353c095d266b080fe547f fa7c5c9a1d16355859196271f3d13f3850931888 9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10349 x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-7tHGLIAMF00Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 22:03:27 GMT age: 26980 etag: "fa7c5c9a1d16355859196271f3d13f3850931888" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7631 bytes) Hash b2b393e36ee2c9649d90db136aa49542 e88c5832ff0c49bab181d948c3a510d88343bb6f 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7631 x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-vQE0XoAMFS3w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 21:52:40 GMT age: 27627 etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg	34.120.237.76	200 OK	3.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.8 kB (3759 bytes) Hash 5d0b6106f00f9fd8b89c2d484a559a1a 399ac393209dcdac7d2188d7aa8d95f04570ef7c 5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3759 x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bw-wJHgxoAMF-hQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Thu, 17 Nov 2022 21:50:49 GMT age: 27738 etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP