urlquery - report: podocare.mx/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (8)	344	2020-12-02 08:52:13 UTC	2023-01-30 04:09:08 UTC	23.36.77.32
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2023-01-30 04:09:03 UTC	35.241.9.150
aadcdn.msauth.net (2)	1421	2018-11-19 10:50:03 UTC	2023-01-30 04:22:35 UTC	13.107.237.53
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2023-01-30 04:11:18 UTC	35.85.116.246
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2023-01-30 04:09:18 UTC	34.120.237.76
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2023-01-30 04:10:11 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2023-01-30 04:10:15 UTC	34.117.237.239
podocare.mx (2)	0	2016-05-28 20:28:52 UTC	2023-01-30 13:09:48 UTC	192.185.161.100	Unknown ranking
code.jquery.com (1)	634	2012-05-21 17:28:02 UTC	2023-01-30 04:09:49 UTC	69.16.175.10
aadcdn.msftauth.net (3)	1455	2018-11-19 10:50:32 UTC	2023-01-30 09:39:23 UTC	152.199.23.37

Scan Date	Severity	Indicator	Comment
2023-01-30	2	podocare.mx/	Office365
2023-01-30	2	podocare.mx/	Office365

Scan Date	Severity	Indicator	Comment
2023-01-30	2	podocare.mx/	Phishing
2023-01-30	2	podocare.mx/office/closingpage/auth/office/index.php	Phishing

Date	UQ / IDS / BL	URL	IP
2023-03-02 17:16:53 +0000	0 - 0 - 6	www.podocare.mx/	192.185.161.100
2023-03-02 17:00:31 +0000	0 - 0 - 3	podocare.mx/office/closingpage/auth/office/in (...)	192.185.161.100
2023-02-14 15:06:47 +0000	0 - 0 - 2	podocare.mx/office/closingpage/auth/office/in (...)	192.185.161.100
2023-01-31 04:39:29 +0000	0 - 0 - 2	podocare.mx/office/closingpage/auth/office/in (...)	192.185.161.100
2023-01-30 15:47:36 +0000	0 - 0 - 4	podocare.mx/	192.185.161.100

Date	UQ / IDS / BL	URL	IP
2023-03-28 09:03:09 +0000	0 - 0 - 2	itfolkstechnology.com/upload/File_pass1234.7z	216.172.173.226
2023-03-28 09:02:18 +0000	0 - 1 - 0	egypttravelhub.com/1/1.exe	50.87.145.9
2023-03-28 08:46:03 +0000	0 - 0 - 1	upl-logistics.com/MyGov/login.php?online_id_8 (...)	192.185.78.187
2023-03-28 08:45:29 +0000	3 - 0 - 0	seveneventosrj.com.br/email/verification/nrns (...)	192.185.211.117
2023-03-28 08:45:17 +0000	3 - 0 - 0	seveneventosrj.com.br/email/verification/6ahg (...)	192.185.211.117

Date	UQ / IDS / BL	URL	IP
2023-03-02 17:16:53 +0000	0 - 0 - 6	www.podocare.mx/	192.185.161.100
2023-03-02 17:00:31 +0000	0 - 0 - 3	podocare.mx/office/closingpage/auth/office/in (...)	192.185.161.100
2023-02-14 15:06:47 +0000	0 - 0 - 2	podocare.mx/office/closingpage/auth/office/in (...)	192.185.161.100
2023-01-31 04:39:29 +0000	0 - 0 - 2	podocare.mx/office/closingpage/auth/office/in (...)	192.185.161.100
2023-01-30 15:47:36 +0000	0 - 0 - 4	podocare.mx/	192.185.161.100

Date	UQ / IDS / BL	URL	IP
2022-12-26 07:01:19 +0000	0 - 0 - 2	www.ckingtea.com/hometown/auth/auth/office/	199.79.62.190
2022-12-25 17:05:59 +0000	0 - 0 - 2	www.ckingtea.com/hometown/auth/auth/office/	199.79.62.190
2022-12-25 14:34:17 +0000	0 - 0 - 2	www.ckingtea.com/hometown/auth/auth/office/	199.79.62.190
2022-11-18 16:23:24 +0000	0 - 0 - 2	lawncarewest.com.au/auth/office/index.php	192.185.198.122
2022-11-18 13:36:37 +0000	0 - 0 - 2	lawncarewest.com.au/auth/office/index.php	192.185.198.122

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4584 Expires: Mon, 30 Jan 2023 17:03:50 GMT Date: Mon, 30 Jan 2023 15:47:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5eb7c9bc996a0ff420e58af45526f053 Sha1: 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e Sha256: c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9238 Expires: Mon, 30 Jan 2023 18:21:24 GMT Date: Mon, 30 Jan 2023 15:47:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0c35c3ec659d3a26ea97e68d787bb043 Sha1: d97e3672244efec5b7814f2d8a734cd1a9387854 Sha256: 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 30 Jan 2023 15:43:12 GMT age: 254 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: dcd75ca6daca51c5e39d431468511793 Sha1: 07f76d3bf23d65c9110d810fa71a994e39e085d3 Sha256: 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3707 Expires: Mon, 30 Jan 2023 16:49:13 GMT Date: Mon, 30 Jan 2023 15:47:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 09ee4b0fe6cf4ca5ed31b24452338d00 Sha1: 7e62b6e20f0d4737f4a8d94f9818a0883027839e Sha256: 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: df2124daaa604627245c4981f4a34ecc3b1368657ad778326df980f3e2cc4c5e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DF2124DAAA604627245C4981F4A34ECC3B1368657AD778326DF980F3E2CC4C5E" Last-Modified: Sat, 28 Jan 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19016 Expires: Mon, 30 Jan 2023 21:04:22 GMT Date: Mon, 30 Jan 2023 15:47:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4001df4824e1d57b42ca62ceab42a525 Sha1: 8bc7cfedbff344f0b84296d979348955aee6e764 Sha256: df2124daaa604627245c4981f4a34ecc3b1368657ad778326df980f3e2cc4c5e
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: kB58TRoc0mo3V+IBgGm43+uRW1uaD9JvhiFRk7U4QkivErwEBRoxoqUL17bmFFd3gkRkFTc/c3M= x-amz-request-id: MGFY7HP6C83EA7MQ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 30 Jan 2023 14:50:46 GMT age: 3400 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 7b922915ebf1fa3639b333f994c74f24 Sha1: 144a3f80b98fd0652d4614f24cf6cbbee40f8938 Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 30 Jan 2023 15:47:26 GMT content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: podocare.mx User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: podocare.mx/ FQDN: podocare.mx IP: 192.185.161.100 HASH: e0322798af057970da79b1a703d632324505ff11b2fdb67f1b9a86e3e08068ec 192.185.161.100 HTTP/2 301 Moved Permanently content-type: text/html; charset=iso-8859-1 location: https://podocare.mx/office/closingpage/auth/office/index.php content-length: 268 date: Mon, 30 Jan 2023 15:47:26 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 268 Md5: db5588b08c2826f89011ca7e058c5865 Sha1: dc12ceb1469a88eaec4471a8d279aa3ade596b27 Sha256: e0322798af057970da79b1a703d632324505ff11b2fdb67f1b9a86e3e08068ec Alerts: Blocklists: - openphish: Office365 - fortinet: Phishing
GET /office/closingpage/auth/office/index.php HTTP/1.1 Host: podocare.mx User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers	URL: podocare.mx/office/closingpage/auth/office/index.php FQDN: podocare.mx IP: 192.185.161.100 HASH: c0703faa53ed223d28434fec640ae94d74350c3a8ae780d6c05df0827d42bcbc 192.185.161.100 HTTP/2 200 OK content-type: text/html; charset=UTF-8 vary: Accept-Encoding content-encoding: gzip content-length: 5305 date: Mon, 30 Jan 2023 15:47:26 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (728) Size: 5305 Md5: bb03e0aa59d1f5e7df75efd4dc18fb67 Sha1: d6f28418b4abb87687a728095e659525547cb51a Sha256: c0703faa53ed223d28434fec640ae94d74350c3a8ae780d6c05df0827d42bcbc Alerts: Blocklists: - openphish: Office365 - fortinet: Phishing
GET /jquery-1.12.4.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://podocare.mx Connection: keep-alive Referer: https://podocare.mx/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: code.jquery.com/jquery-1.12.4.min.js FQDN: code.jquery.com IP: 69.16.175.10 HASH: 49c97d70ef48bfdc1d7b96271b5613bb099b2c040ebdf5624962aea92ff428ae 69.16.175.10 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Mon, 30 Jan 2023 15:47:26 GMT content-encoding: gzip content-length: 33738 last-modified: Wed, 16 Feb 2022 10:50:39 GMT accept-ranges: bytes server: nginx etag: W/"620cd6ff-17b8b" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1675093646.dop009.sk1.t,1675093646.cds242.sk1.hn,1675093646.cds251.sk1.c X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32077) Size: 33738 Md5: fc7624613c4e25843694cdb7fa956f05 Sha1: 7765bb4016ae929e22be579ccde505b94c2a63c1 Sha256: 49c97d70ef48bfdc1d7b96271b5613bb099b2c040ebdf5624962aea92ff428ae
GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://podocare.mx/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: aadcdn.msftauth.net/shared/1.0/content/images/signin-op (...) FQDN: aadcdn.msftauth.net IP: 152.199.23.37 HASH: f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf 152.199.23.37 HTTP/2 200 OK content-type: image/svg+xml content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding age: 20012361 cache-control: public, max-age=31536000 content-md5: R2FAVxfpONfnQAuxVxXbHg== date: Mon, 30 Jan 2023 15:47:26 GMT etag: 0x8D8852A740F01B9 last-modified: Tue, 10 Nov 2020 03:41:05 GMT server: ECAcc (ska/F695) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 61d031c2-901e-008e-5cbf-7ee72e000000 x-ms-version: 2009-09-19 content-length: 621 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1592), with no line terminators Size: 621 Md5: 4761405717e938d7e7400bb15715db1e Sha1: 76fed7c229d353a27db3257f5927c1eaf0ab8de9 Sha256: f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf
GET /shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://podocare.mx/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: aadcdn.msftauth.net/shared/1.0/content/images/applogos/ (...) FQDN: aadcdn.msftauth.net IP: 152.199.23.37 HASH: e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898 152.199.23.37 HTTP/2 200 OK content-type: image/png accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding age: 1367542 cache-control: public, max-age=31536000 content-md5: izYzcDfP+Iw98gO7c9WOQQ== date: Mon, 30 Jan 2023 15:47:26 GMT etag: 0x8D7AF695D6C58F2 last-modified: Wed, 12 Feb 2020 03:12:17 GMT server: ECAcc (ska/F7B7) x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: e919a5a0-a01e-0090-4f52-2899e8000000 x-ms-version: 2009-09-19 content-length: 5139 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced\012- data Size: 5139 Md5: 8b36337037cff88c3df203bb73d58e41 Sha1: 1ada36fa207b8b96b2a5f55078bfe2a97acead0e Sha256: e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://podocare.mx/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: aadcdn.msftauth.net/shared/1.0/content/images/microsoft (...) FQDN: aadcdn.msftauth.net IP: 152.199.23.37 HASH: 7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36 152.199.23.37 HTTP/2 200 OK content-type: image/svg+xml content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding age: 1365784 cache-control: public, max-age=31536000 content-md5: nzaLxFgP7ZB3dfMcaybWzw== date: Mon, 30 Jan 2023 15:47:26 GMT etag: 0x8D79A1B9F5E121A last-modified: Thu, 16 Jan 2020 00:32:52 GMT server: ECAcc (ska/F7B5) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: fc3f3f64-801e-006c-6456-2890f5000000 x-ms-version: 2009-09-19 content-length: 1435 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators Size: 1435 Md5: 9f368bc4580fed907775f31c6b26d6cf Sha1: e393a40b3e337f43057eee3de189f197ab056451 Sha256: 7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 30 Jan 2023 14:49:04 GMT age: 3502 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3352 Expires: Mon, 30 Jan 2023 16:43:18 GMT Date: Mon, 30 Jan 2023 15:47:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 22b9916fc1fafc9bdc9bb37f9eac8a9a Sha1: 86f640e134a741a0f906a8e3a0f5c6659dd0e394 Sha256: a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
GET /shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://podocare.mx/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: aadcdn.msauth.net/shared/1.0/content/images/appbackgrou (...) FQDN: aadcdn.msauth.net IP: 13.107.237.53 HASH: 8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d 13.107.237.53 HTTP/2 200 OK content-type: image/jpeg cache-control: public, max-age=31536000 content-length: 987 content-md5: 5YqvyYBhSpzXeWvqe16o8A== last-modified: Fri, 27 Mar 2020 19:41:47 GMT etag: 0x8D7D286E322A911 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: 2984191a-401e-0017-048f-34565f000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0ZLfXYwAAAACG++pXT9OYS7wqoeUtC0HORlJBMjMxMDUwNDE4MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 0jubXYwAAAADwsBpL3AUATaxbvrfWpmnrQ1BIMzBFREdFMDQxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 30 Jan 2023 15:47:26 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3\012- data Size: 987 Md5: e58aafc980614a9cd7796bea7b5ea8f0 Sha1: d4cac92dcde0caf7c571e6d791101da94fdbd2ca Sha256: 8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://podocare.mx/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: aadcdn.msauth.net/shared/1.0/content/images/favicon_a_e (...) FQDN: aadcdn.msauth.net IP: 13.107.237.53 HASH: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 13.107.237.53 HTTP/2 200 OK content-type: image/x-icon cache-control: public, max-age=31536000 content-length: 17174 content-md5: EuPayFgGHQiAI7K9SOL6lg== last-modified: Sun, 18 Oct 2020 03:02:03 GMT etag: 0x8D8731230C851A6 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: 7acf1fd0-001e-002f-6e53-2d2f5f000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0137XYwAAAAAKKyieU29sRJ0zJWRO4ZY+RlJBMjMxMDUwNDE3MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 0jubXYwAAAADQ/hM+CSPERqOo2knZm7O5Q1BIMzBFREdFMDQxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 30 Jan 2023 15:47:26 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data Size: 17174 Md5: 12e3dac858061d088023b2bd48e2fa96 Sha1: e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 Sha256: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: EiVske1ON1ph2Oc/I6Vp/g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.85.116.246 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.85.116.246 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: pIy4B47jLo0uGLJA3yM8u4h/xSM= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12230 Expires: Mon, 30 Jan 2023 19:11:18 GMT Date: Mon, 30 Jan 2023 15:47:28 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 43bc5afe1d7330aa521e0efc78185a92 Sha1: f53e9daa0a32e0acf7a10d9494fb383c1d039305 Sha256: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12230 Expires: Mon, 30 Jan 2023 19:11:18 GMT Date: Mon, 30 Jan 2023 15:47:28 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 43bc5afe1d7330aa521e0efc78185a92 Sha1: f53e9daa0a32e0acf7a10d9494fb383c1d039305 Sha256: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12230 Expires: Mon, 30 Jan 2023 19:11:18 GMT Date: Mon, 30 Jan 2023 15:47:28 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 43bc5afe1d7330aa521e0efc78185a92 Sha1: f53e9daa0a32e0acf7a10d9494fb383c1d039305 Sha256: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12507 x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhklyFaJoAMFqKA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 21:54:32 GMT age: 64376 etag: "d60f280f8a742480527dbc32d08f321f972d4fcf" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12507 Md5: 5190c0bdc6abe0ee258e9f8c20ddaf51 Sha1: d60f280f8a742480527dbc32d08f321f972d4fcf Sha256: 874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8464 x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhj3qGeboAMFzNw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 21:59:27 GMT age: 64081 etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8464 Md5: fe31ee140c2fd62e616c8a1edc9e78bb Sha1: 7aa5fbdc8156514770ae620e81f1afef1c77890f Sha256: 799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10997 x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhj30FX7IAMFa5w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 22:08:57 GMT etag: "027dbc7a104c922904f067ed15d696c363c11774" age: 63511 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10997 Md5: 65c02d8a1b0d6a210cb2a649c5c67469 Sha1: 027dbc7a104c922904f067ed15d696c363c11774 Sha256: 89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9167 x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPF9YEBmIAMF0kQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 17:35:56 GMT age: 79892 etag: "50a48e737310d3f31840db4301b25927fbcc12c5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9167 Md5: 3be81f83687ddb6c93d3ff3c09a9dba2 Sha1: 50a48e737310d3f31840db4301b25927fbcc12c5 Sha256: e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9457 x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhkBOGHVoAMFQtw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 22:19:57 GMT age: 62851 etag: "e4388ced02e5576867e77547496dec1ac2338ef7" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9457 Md5: 51aa950d5eed7b90cab6632107092edc Sha1: e4388ced02e5576867e77547496dec1ac2338ef7 Sha256: 588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7679 x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhkEtEfHoAMFaNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 21:51:22 GMT age: 64566 etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7679 Md5: 3e04b9eaf7449828136ad59e4c9d69f1 Sha1: b820be4ed885dcf288eb6460c57e1fa7b1c7c476 Sha256: df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F" 

                                        
                                            
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4584 

                                        
                                            
Expires: Mon, 30 Jan 2023 17:03:50 GMT 

                                        
                                            
Date: Mon, 30 Jan 2023 15:47:26 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    5eb7c9bc996a0ff420e58af45526f053

                                                Sha1:   8c2614832b8efe1c9da0bbd465d6f3f172d95a9e

                                                Sha256: c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 30 Jan 2023 15:43:12 GMT 

                                        
                                            
age: 254 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    dcd75ca6daca51c5e39d431468511793

                                                Sha1:   07f76d3bf23d65c9110d810fa71a994e39e085d3

                                                Sha256: 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "DF2124DAAA604627245C4981F4A34ECC3B1368657AD778326DF980F3E2CC4C5E" 

                                        
                                            
Last-Modified: Sat, 28 Jan 2023 06:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19016 

                                        
                                            
Expires: Mon, 30 Jan 2023 21:04:22 GMT 

                                        
                                            
Date: Mon, 30 Jan 2023 15:47:26 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    4001df4824e1d57b42ca62ceab42a525

                                                Sha1:   8bc7cfedbff344f0b84296d979348955aee6e764

                                                Sha256: df2124daaa604627245c4981f4a34ecc3b1368657ad778326df980f3e2cc4c5e

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 30 Jan 2023 15:47:26 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
access-control-expose-headers: content-type 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1 

                                        
                                            
Host: aadcdn.msftauth.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://podocare.mx/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         152.199.23.37

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding 

                                        
                                            
age: 20012361 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
content-md5: R2FAVxfpONfnQAuxVxXbHg== 

                                        
                                            
date: Mon, 30 Jan 2023 15:47:26 GMT 

                                        
                                            
etag: 0x8D8852A740F01B9 

                                        
                                            
last-modified: Tue, 10 Nov 2020 03:41:05 GMT 

                                        
                                            
server: ECAcc (ska/F695) 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: HIT 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-request-id: 61d031c2-901e-008e-5cbf-7ee72e000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
content-length: 621 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1592), with no line terminators

                                                Size:   621

                                                Md5:    4761405717e938d7e7400bb15715db1e

                                                Sha1:   76fed7c229d353a27db3257f5927c1eaf0ab8de9

                                                Sha256: f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf

                                        
                                            GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 

                                        
                                            
Host: aadcdn.msftauth.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://podocare.mx/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         152.199.23.37

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding 

                                        
                                            
age: 1365784 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
content-md5: nzaLxFgP7ZB3dfMcaybWzw== 

                                        
                                            
date: Mon, 30 Jan 2023 15:47:26 GMT 

                                        
                                            
etag: 0x8D79A1B9F5E121A 

                                        
                                            
last-modified: Thu, 16 Jan 2020 00:32:52 GMT 

                                        
                                            
server: ECAcc (ska/F7B5) 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: HIT 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-request-id: fc3f3f64-801e-006c-6456-2890f5000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
content-length: 1435 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators

                                                Size:   1435

                                                Md5:    9f368bc4580fed907775f31c6b26d6cf

                                                Sha1:   e393a40b3e337f43057eee3de189f197ab056451

                                                Sha256: 7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" 

                                        
                                            
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3352 

                                        
                                            
Expires: Mon, 30 Jan 2023 16:43:18 GMT 

                                        
                                            
Date: Mon, 30 Jan 2023 15:47:26 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    22b9916fc1fafc9bdc9bb37f9eac8a9a

                                                Sha1:   86f640e134a741a0f906a8e3a0f5c6659dd0e394

                                                Sha256: a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

                                        
                                            GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 

                                        
                                            
Host: aadcdn.msauth.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://podocare.mx/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         13.107.237.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/x-icon

                                        

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
content-length: 17174 

                                        
                                            
content-md5: EuPayFgGHQiAI7K9SOL6lg== 

                                        
                                            
last-modified: Sun, 18 Oct 2020 03:02:03 GMT 

                                        
                                            
etag: 0x8D8731230C851A6 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 7acf1fd0-001e-002f-6e53-2d2f5f000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0137XYwAAAAAKKyieU29sRJ0zJWRO4ZY+RlJBMjMxMDUwNDE3MDQ3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== 

                                        
                                            
x-azure-ref: 0jubXYwAAAADQ/hM+CSPERqOo2knZm7O5Q1BIMzBFREdFMDQxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= 

                                        
                                            
date: Mon, 30 Jan 2023 15:47:26 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data

                                                Size:   17174

                                                Md5:    12e3dac858061d088023b2bd48e2fa96

                                                Sha1:   e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

                                                Sha256: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12230 

                                        
                                            
Expires: Mon, 30 Jan 2023 19:11:18 GMT 

                                        
                                            
Date: Mon, 30 Jan 2023 15:47:28 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    43bc5afe1d7330aa521e0efc78185a92

                                                Sha1:   f53e9daa0a32e0acf7a10d9494fb383c1d039305

                                                Sha256: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12230 

                                        
                                            
Expires: Mon, 30 Jan 2023 19:11:18 GMT 

                                        
                                            
Date: Mon, 30 Jan 2023 15:47:28 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    43bc5afe1d7330aa521e0efc78185a92

                                                Sha1:   f53e9daa0a32e0acf7a10d9494fb383c1d039305

                                                Sha256: 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8464 

                                        
                                            
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fhj3qGeboAMFzNw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ== 

                                        
                                            
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 29 Jan 2023 21:59:27 GMT 

                                        
                                            
age: 64081 

                                        
                                            
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8464

                                                Md5:    fe31ee140c2fd62e616c8a1edc9e78bb

                                                Sha1:   7aa5fbdc8156514770ae620e81f1afef1c77890f

                                                Sha256: 799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9167 

                                        
                                            
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fPF9YEBmIAMF0kQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ== 

                                        
                                            
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 29 Jan 2023 17:35:56 GMT 

                                        
                                            
age: 79892 

                                        
                                            
etag: "50a48e737310d3f31840db4301b25927fbcc12c5" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9167

                                                Md5:    3be81f83687ddb6c93d3ff3c09a9dba2

                                                Sha1:   50a48e737310d3f31840db4301b25927fbcc12c5

                                                Sha256: e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7679 

                                        
                                            
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fhkEtEfHoAMFaNA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA== 

                                        
                                            
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 29 Jan 2023 21:51:22 GMT 

                                        
                                            
age: 64566 

                                        
                                            
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7679

                                                Md5:    3e04b9eaf7449828136ad59e4c9d69f1

                                                Sha1:   b820be4ed885dcf288eb6460c57e1fa7b1c7c476

                                                Sha256: df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

URL	podocare.mx/
IP	192.185.161.100 (United States)
ASN	#46606 UNIFIEDLAYER-AS-1
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2023-01-30 15:47:36 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	4
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (10)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.185.161.100

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Last 5 reports on domain: podocare.mx

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (27)

Overview

Domain Summary (10)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.185.161.100

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Last 5 reports on domain: podocare.mx

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (27)

Network Intrusion Detection Systems