Overview

URLbtconnect-1051093746btconnect.weebly.com/
IP 199.34.228.53 (United States)
ASN#27647 WEEBLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 13:24:46 UTC
StatusLoading report..
IDS alerts0
Blocklist alert17
urlquery alerts No alerts detected
Tags None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ BT Group plc

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ Phishing
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/files/theme/MutationObserver.js Phishing
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/files/theme/plugins.js?1667895926 Phishing
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/files/theme/jquery.pxuMenu.js?1667 (...) Phishing
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/files/theme/custom-1.js?1667895926 Phishing
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/files/theme/images/arrow-light.svg (...) Phishing
2022-12-04 2 btconnect-1051093746btconnect.weebly.com/ajax/api/JsonRPC/CustomerAccounts/ (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.53
Date UQ / IDS / BL URL IP
2023-02-02 13:44:14 +0000 0 - 0 - 14 noticecustomermail.weebly.com/ 199.34.228.53
2023-02-02 12:49:38 +0000 0 - 0 - 17 btconnect-105102951746btconnect.weebly.com/ 199.34.228.53
2023-02-02 11:34:13 +0000 0 - 0 - 2 safetyconfirmationredirected.weebly.com/?atte (...) 199.34.228.53
2023-02-01 11:50:37 +0000 0 - 0 - 15 idsvssavorg.weebly.com/ 199.34.228.53
2023-02-01 09:19:35 +0000 0 - 0 - 11 bts365phs.weebly.com/ 199.34.228.53


Last 5 reports on ASN: WEEBLY
Date UQ / IDS / BL URL IP
2023-02-02 20:32:33 +0000 0 - 0 - 7 mail-100308.weeblysite.com/ 199.34.228.97
2023-02-02 19:05:52 +0000 0 - 0 - 3 outlookmicrosoft.net/ 199.34.228.167
2023-02-02 16:02:24 +0000 0 - 0 - 5 yahoomail-106049.weeblysite.com/ 199.34.228.97
2023-02-02 13:57:54 +0000 0 - 0 - 8 myatt-service-100094.weeblysite.com/ 199.34.228.96
2023-02-02 13:57:36 +0000 0 - 0 - 8 att-helpdesk606.weeblysite.com/ 199.34.228.96


Last 5 reports on domain: weebly.com
Date UQ / IDS / BL URL IP
2023-02-02 13:44:14 +0000 0 - 0 - 14 noticecustomermail.weebly.com/ 199.34.228.53
2023-02-02 13:01:18 +0000 0 - 0 - 20 btconnect-103876btconnectmail.weebly.com/ 199.34.228.54
2023-02-02 12:57:16 +0000 0 - 0 - 17 btconnect-103876btconnectmaiads.weebly.com/ 199.34.228.54
2023-02-02 12:49:38 +0000 0 - 0 - 17 btconnect-105102951746btconnect.weebly.com/ 199.34.228.53
2023-02-02 11:34:13 +0000 0 - 0 - 2 safetyconfirmationredirected.weebly.com/?atte (...) 199.34.228.53


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-17 23:26:00 +0000 0 - 0 - 21 btconnect-1051093746btconnect.weebly.com/ 199.34.228.53
2023-01-08 07:59:53 +0000 0 - 0 - 21 btconnect-1051043746btconnect.weebly.com/ 199.34.228.54
2022-12-21 05:40:20 +0000 0 - 0 - 6 btconnect-1051043746btconnect.weebly.com/ 199.34.228.54
2022-12-04 22:30:38 +0000 0 - 0 - 19 btconnect-1051093746btconnect.weebly.com/ 199.34.228.54
2022-12-04 16:11:29 +0000 0 - 0 - 19 btconnect-1051093746btconnect.weebly.com/ 199.34.228.54

JavaScript

Executed Scripts (30)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (61)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5416
Expires: Sun, 04 Dec 2022 14:54:50 GMT
Date: Sun, 04 Dec 2022 13:24:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1956
Cache-Control: max-age=164359
Date: Sun, 04 Dec 2022 13:24:34 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:03:53 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 13:18:24 GMT
cache-control: public,max-age=3600
age: 370
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Sun, 04 Dec 2022 14:29:36 GMT
Date: Sun, 04 Dec 2022 13:24:34 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: d1tpmz5mM5kcbyhPkedOb6iAftYT7qHZc4v4FgnehQ8WHJ7P9f0XbZ5rpTdYCTOGywp7j4hQSM4=
x-amz-request-id: 04GM60Q5MWRT3ZAC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 12:46:59 GMT
age: 2255
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 13:24:34 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4157
Cache-Control: max-age=144586
Date: Sun, 04 Dec 2022 13:24:35 GMT
Etag: "638c2120-1d7"
Expires: Tue, 06 Dec 2022 05:34:21 GMT
Last-Modified: Sun, 04 Dec 2022 04:25:04 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 937
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 13:24:35 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=btconnect-1051093746btconnect.weebly.com language=en; expires=Sun, 18-Dec-2022 13:24:35 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"eb2f374a504efaa01637447e7fc2fada-gzip"
Content-Encoding: gzip
X-Host: blu62.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7554
Keep-Alive: timeout=10, max=48
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2437), with CRLF, LF line terminators
Size:   7554
Md5:    2b9af336f341c778d685a396aab84332
Sha1:   f5226f46fc077cd5ac07ad835d87cb91f7c14d23
Sha256: 37d981b3de4f2c1a450da6ce61acf43a315da780ad3bebaa668e821a088093d7

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1943
Cache-Control: max-age=159279
Date: Sun, 04 Dec 2022 13:24:35 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:39:14 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css/sites.css?buildTime=1667842284 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Mon, 21 Nov 2022 14:34:30 GMT
etag: W/"637b8c76-347ac"
expires: Mon, 05 Dec 2022 17:31:44 GMT
cache-control: max-age=1209600
x-host: grn45.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 1108371
x-served-by: cache-sjc10081-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 7433, 2
x-timer: S1670160276.616061,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
                                            GET /js/site/footerSignup.js?buildTime=1669994233 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 01 Dec 2022 20:21:50 GMT
etag: "63890cde-e10"
expires: Fri, 16 Dec 2022 15:19:39 GMT
cache-control: max-age=1209600
x-host: blu21.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 165897
x-served-by: cache-sjc10075-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 34, 403
x-timer: S1670160276.616739,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3600), with no line terminators
Size:   1372
Md5:    121a5b9688d8e70ee7bb06cc79491f76
Sha1:   3a28220baa7d8879270c8311bed7dddefa7e43e9
Sha256: 181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/lang/en/stl.js?buildTime=1667842284& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Mon, 28 Nov 2022 20:02:26 GMT
etag: "638513d2-2c00a"
expires: Tue, 13 Dec 2022 09:13:30 GMT
cache-control: max-age=1209600
x-host: grn67.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 447065
x-served-by: cache-sjc10047-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 478, 1
x-timer: S1670160276.616322,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32668
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65024)
Size:   32668
Md5:    d8a96093e4ac9525ad79fcfd57d8ef8a
Sha1:   c69965f81400795e52e7795f2befbb62dc84dbeb
Sha256: 260dadf35ac438d5101a0c5ad9f48d631d6e9652e92761af42e81338153831f2
                                        
                                            GET /css/old/fancybox.css?1667842284 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Mon, 21 Nov 2022 14:34:36 GMT
etag: "637b8c7c-f47"
expires: Mon, 05 Dec 2022 17:31:46 GMT
cache-control: max-age=1209600
x-host: blu105.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 1108369
x-served-by: cache-sjc10066-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 6976, 2
x-timer: S1670160276.627449,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            GET /files/theme/MutationObserver.js HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 14:16:26 GMT
x-rgw-object-type: Normal
ETag: W/"e52201e96af18dd02c85eb627c843491"
x-amz-request-id: tx000000000000001e8ea5c-006284b25c-b9fbc7f-sfo1
X-Storage-Bucket: z3974
X-Storage-Object: 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a
X-Host: blu28.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   6842
Md5:    a502a64ac17dab318a72b5c6f667e5d6
Sha1:   9b623c5cdc2c288649ff13504131ea2c382e700d
Sha256: b0d53c00940847c4638accf26f204ef4569affa4a686ebcc5d3cc87d1697aa9d

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /fonts/Oswald/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Mon, 21 Nov 2022 20:04:53 GMT
etag: "637bd9e5-4f0"
expires: Tue, 06 Dec 2022 07:46:31 GMT
cache-control: max-age=1209600
x-host: grn63.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 1057084
x-served-by: cache-sjc10054-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 29, 4
x-timer: S1670160276.628220,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 300
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   300
Md5:    b4e1fa8edbbb593aefc47d16b3254da7
Sha1:   f9b4e2c9b0df700a2a892be0c0853f92211a5656
Sha256: ddb677f162840a44ef4cdf085c35379f76e5b88162205a32cdf584acd826b1c3
                                        
                                            GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: image/png
                                        
x-guploader-uploadid: ADPycdujQNpHaXULXK5hWOudOsrFbrCOJBmkXkf6lNHnzHxB1q3PphW4yFVZQbxms7rfGEwEu0IdDaAyLbpAPqDN6NvCrqCgiKDD
cache-control: public, max-age=86400, s-maxage=259200
expires: Thu, 06 Oct 2022 22:59:09 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
via: 1.1 varnish
age: 138221
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 511
x-timer: S1670160276.627477,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Size:   9677
Md5:    6e0f7ad31bf187e0d88fc5787573ba71
Sha1:   14e8b85cc32a01c8901e4ac0160582d29a45e9e6
Sha256: 580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
                                        
                                            GET /css/social-icons.css?buildtime=1667842284 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Fri, 18 Nov 2022 22:54:15 GMT
etag: W/"63780d17-3319"
expires: Mon, 05 Dec 2022 13:35:57 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 1122518
x-served-by: cache-sjc10070-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 191, 1
x-timer: S1670160276.641751,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1640
Md5:    b68dd725cb8837663dfea840359f5c54
Sha1:   e68b4672d22123b6dfda900d162401893c08de7e
Sha256: 6df067d045c633eba1de5b37d0d0c0e6804e78938d0e61042514b4663dc72223
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/jquery-1.8.3.min.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 20:15:51 GMT
etag: "63866877-16dc4"
expires: Tue, 13 Dec 2022 23:08:14 GMT
cache-control: max-age=1209600
x-host: grn99.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 396982
x-served-by: cache-sjc10032-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 84, 2639
x-timer: S1670160276.627431,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33467
Md5:    67a5a77f65f13559b3d723829f2e0108
Sha1:   5e861ec7c2993abffc3591d6132c47bc7cdc3e98
Sha256: ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kLDDL5UcK2Nub2ElSQrUWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.89.255.30
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s3Qc51/+nkOJdepa7dANzUn6HHw=

                                        
                                            GET /fonts/Karla/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Mon, 21 Nov 2022 20:04:53 GMT
etag: "637bd9e5-6ae"
expires: Tue, 06 Dec 2022 09:24:23 GMT
cache-control: max-age=1209600
x-host: grn129.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 1051212
x-served-by: cache-sjc10062-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 22, 1
x-timer: S1670160276.651475,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 322
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   322
Md5:    d71cf3f7d1a0aeba7d9f9af0aec9eeef
Sha1:   0df230495adb47cd3d83ae78d6fd695f826b55e5
Sha256: da2980fa5103aadeafa7f1d903e44567f97d612ce52e17e4f03074ae4c7bccb6
                                        
                                            GET /js/site/main.js?buildTime=1667842284 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 20:16:26 GMT
etag: "6386689a-74804"
expires: Wed, 14 Dec 2022 07:56:15 GMT
cache-control: max-age=1209600
x-host: blu114.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 365300
x-served-by: cache-sjc10020-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 1056, 1
x-timer: S1670160276.616766,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1667842284 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.65.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Mon, 21 Nov 2022 14:34:53 GMT
etag: "637b8c8d-8250f"
expires: Mon, 05 Dec 2022 17:31:44 GMT
cache-control: max-age=1209600
x-host: blu34.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:24:35 GMT
age: 1108370
x-served-by: cache-sjc10058-SJC, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 12608, 1
x-timer: S1670160276.627625,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158975
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32007)
Size:   158975
Md5:    c29a5e4fd4ee0d3b7cd0597f2b9b602b
Sha1:   bb134ed641467954f4a724167dc7ea56a03e7fa8
Sha256: bf9850a7e6dd269898b78ecf07a34438bc300cad0bbb2d280e10ccadf81646b2
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         151.101.194.133
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Connection: keep-alive
Content-Length: 1462
Etag: "6B31E20E56465606C0E32F0D9CBDB21746FC3AEB"
Expires: Mon, 05 Dec 2022 01:00:00 UTC
Last-Modified: Sun, 04 Dec 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sun, 04 Dec 2022 13:24:35 GMT
Via: 1.1 varnish
Age: 27
X-Served-By: cache-bma1678-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1670160276.919452,VS0,VE1


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    f9e666e6ce76fd713cfe239ba90970d6
Sha1:   97dd8f935e8b5d7a8ca507097bcf13eb454c40e1
Sha256: 169ff3329089e5b6145034d6c4f5b11c8470f00ba48973623746b056b0c33cd3
                                        
                                            GET /uploads/1/4/3/7/143782348/down-aol-yahoo-and-all_orig.png HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:35 GMT
Content-Length: 4783
Connection: keep-alive
Last-Modified: Tue, 12 Oct 2021 23:49:28 GMT
x-rgw-object-type: Normal
ETag: "7a57e8e9030bfe4551c75f58e87da61e"
x-amz-request-id: tx00000000000002641f58f-0063623cfc-c6aed46-sfo1
X-Storage-Bucket: zedd8
X-Storage-Object: edd8b0668c9caae8e29d5680f045e4fbf7f4d6afa1adc4cf8366fa45c716ddcb
X-Host: grn42.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 259 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size:   4783
Md5:    7a57e8e9030bfe4551c75f58e87da61e
Sha1:   742d6916a573f06fb5df69a236db25fb647462b5
Sha256: edd8b0668c9caae8e29d5680f045e4fbf7f4d6afa1adc4cf8366fa45c716ddcb

Alerts:
  Blocklists:
    - openphish: BT Group plc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btconnect-1051093746btconnect.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:25:39 GMT
expires: Sun, 03 Dec 2023 14:25:39 GMT
cache-control: public, max-age=31536000
age: 82737
last-modified: Mon, 11 Jul 2022 18:56:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22168, version 1.0\012- data
Size:   22168
Md5:    aecf4656f9d639613cf46bf25e28a08b
Sha1:   b51fb5207f34b7283474875e2493591784c09947
Sha256: f39f934bc7f7b1b4dfa532f4b38dac960a3a7ad6bb9789a412f03bdcb4abd9f5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/theme/plugins.js?1667895926 HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b7bf86-0062847aed-b9fbc29-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: grn61.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   15721
Md5:    43e6b0bb6eb6524188831a282f7656d7
Sha1:   44e73fe367fc1fb8efee7eefac557b7d76ef0f44
Sha256: 9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /files/theme/jquery.revealer.js?1667895926 HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx000000000000000d11219-0061a71c4b-a9f4046-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: grn29.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2828
Md5:    c22ab67199a33d876512504cda4ff55b
Sha1:   36e96eae4644b6028532974fe5186a072792cb37
Sha256: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
                                        
                                            GET /files/theme/jquery.pxuMenu.js?1667895926 HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 13:50:18 GMT
x-rgw-object-type: Normal
ETag: "ac373d716afe4270df40f60417b0f418"
x-amz-request-id: tx000000000000001e53eb5-006284b0eb-b9fbc20-sfo1
X-Storage-Bucket: zf755
X-Storage-Object: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
X-Host: blu33.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   3697
Md5:    ac373d716afe4270df40f60417b0f418
Sha1:   aba148148c771bb66b0b4aeab6eac8eb40352745
Sha256: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /files/theme/jquery.trend.js?1667895926 HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001c5c994-006284897e-b9fbc63-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: grn50.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3775
Md5:    4beccebe0a060b2b2c43de5c2d4512ef
Sha1:   250a779dd017877b9f360b264cf072d9e87974ff
Sha256: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
                                        
                                            GET /files/theme/custom-1.js?1667895926 HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 26 Oct 2021 13:57:32 GMT
x-rgw-object-type: Normal
ETag: W/"214dde43cebf15418cdcc76f9677ee46"
x-amz-request-id: tx000000000000010e10358-0061c07192-a9f41e7-sfo1
X-Storage-Bucket: zcfbf
X-Storage-Object: cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7
X-Host: blu26.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   4097
Md5:    9f3b0abe72c25dcd381cb41900970422
Sha1:   559cf4346ff62e549e9b5d9856fb6d1d1139eb8b
Sha256: 297782594ab453c80e206ae349690e2580655f5b6700c32b2a9a8a167917ffb6

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /files/theme/images/arrow-light.svg?1667896487 HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/files/main_style.css?1667896487
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/svg+xml; charset=us-ascii
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Content-Length: 886
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 04:38:52 GMT
x-rgw-object-type: Normal
ETag: "552eb2e04260fc0733e5633d15c6aeaa"
x-amz-request-id: tx0000000000000000448a8-006258b632-4d6022f-las
X-Storage-Bucket: z705f
X-Storage-Object: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Content-Disposition: attachment
X-Host: blu25.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   886
Md5:    552eb2e04260fc0733e5633d15c6aeaa
Sha1:   0a9efcc3b0ebabb23a49a00061fd8200eded1613
Sha256: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?_=1670160273994 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.228
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sun, 04 Dec 2022 13:24:36 GMT
date: Sun, 04 Dec 2022 13:24:36 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   553
Md5:    1309ff133720d219cc98090d66a051ed
Sha1:   b96fc5a893e42be16d687d7abdecdb13d348a019
Sha256: 358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://btconnect-1051093746btconnect.weebly.com
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.6b78=*; _snow_id.6b78=002e7e96-609e-4a3f-9e6e-c69b5dc134ba.1670160274.1.1670160274.1670160274.98237d3b-5393-42de-8eaa-5d71ac2896d7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Sun, 04 Dec 2022 13:24:36 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu13.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=30
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /uploads/1/4/3/7/143782348/background-images/311947550.jpg HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Content-Length: 74265
Connection: keep-alive
Last-Modified: Sun, 31 Oct 2021 21:07:31 GMT
x-rgw-object-type: Normal
ETag: "28eaacc509734400e5d0342a39352bd9"
x-amz-request-id: tx000000000000026fd1ce5-0063616b33-c695612-sfo1
X-Storage-Bucket: zd6d3
X-Storage-Object: d6d3224d45f286e4570240ff243de497da4ec742f6edb886727108f8dd64e637
X-Host: blu43.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x900, components 3\012- data
Size:   74265
Md5:    28eaacc509734400e5d0342a39352bd9
Sha1:   df9acbeedc56a163e842de4589dd629b78d971ea
Sha256: d6d3224d45f286e4570240ff243de497da4ec742f6edb886727108f8dd64e637

Alerts:
  Blocklists:
    - openphish: BT Group plc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107556
Date: Sun, 04 Dec 2022 13:24:36 GMT
Etag: "638b8aa5-1d7"
Expires: Mon, 05 Dec 2022 19:17:12 GMT
Last-Modified: Sat, 03 Dec 2022 17:43:01 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5bhL3aAn1gkGohHuu3y7UrLRALvwJjEDPhOyJpSdj6hQzFh37H1QKA==
Age: 5651

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106680
Date: Sun, 04 Dec 2022 13:24:36 GMT
Etag: "638b8aa5-1d7"
Expires: Mon, 05 Dec 2022 19:02:36 GMT
Last-Modified: Sat, 03 Dec 2022 17:43:01 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WfAVPFnjSpg0cv6wd9pGSMP9s1ZJ64AOFR6G1x902JhaI164FZpDbg==
Age: 4775

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btconnect-1051093746btconnect.weebly.com
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.3
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 497679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.136
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 04 Dec 2022 12:17:12 GMT
expires: Sun, 04 Dec 2022 14:17:12 GMT
cache-control: public, max-age=7200
age: 4044
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:24:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: btconnect-1051093746btconnect.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.6b78=*; _snow_id.6b78=002e7e96-609e-4a3f-9e6e-c69b5dc134ba.1670160274.1.1670160274.1670160274.98237d3b-5393-42de-8eaa-5d71ac2896d7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:24:36 GMT
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000000c7f3c4-0061a705d8-a9f6a62-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: grn63.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    4d27526198ac873ccec96935198e0fb9
Sha1:   b98d8b73ad6a0f7477c3397561b4aab37bf262aa
Sha256: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4

Alerts:
  Blocklists:
    - openphish: BT Group plc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 13:24:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 13:24:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 13:24:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 13:24:37 GMT
Connection: keep-alive

                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://btconnect-1051093746btconnect.weebly.com/
Origin: https://btconnect-1051093746btconnect.weebly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.32.213.25
HTTP/2 200 OK
                                        
date: Sun, 04 Dec 2022 13:24:36 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://btconnect-1051093746btconnect.weebly.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 13:24:37 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 56095
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 26957
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 56518
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:08:25 GMT
age: 54972
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7728
Md5:    027480c06cd67621f373c6765dafee4d
Sha1:   9f80bb7ca6f699d88eaec2248dec508c589fe994
Sha256: f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 56436
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:23:21 GMT
age: 21676
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7503
Md5:    c1a6f4805f59db44f9d3520d88701a58
Sha1:   6a0258e8c97ce09f1723382c8a16d9682b7dc50c
Sha256: ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1811
Origin: https://btconnect-1051093746btconnect.weebly.com
Connection: keep-alive
Referer: https://btconnect-1051093746btconnect.weebly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         52.32.213.25
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Sun, 04 Dec 2022 13:24:37 GMT
content-length: 2
server: nginx
set-cookie: sp=bea4b2b1-2f23-47ca-857d-e41af99a9e1a; Expires=Mon, 04 Dec 2023 13:24:37 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://btconnect-1051093746btconnect.weebly.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df