Overview

URLbt-108449.weeblysite.com/
IP 199.34.228.97 (United States)
ASN#27647 WEEBLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 07:08:12 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
bt-108449.weeblysite.com (3) 0 No data No data 199.34.228.97 Domain (weeblysite.com) ranked at: 133646
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:46:10 UTC 34.117.237.239
bt-108449.weeblysite.com (3) 0 No data No data 199.34.228.96 Domain (weeblysite.com) ranked at: 133646
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (5) 344 No data No data 23.36.77.32
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.1.35
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-11-27 2 bt-108449.weeblysite.com/ BT Group plc
2022-11-27 2 bt-108449.weeblysite.com/ BT Group plc
2022-11-27 2 bt-108449.weeblysite.com/ BT Group plc

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-28 2 bt-108449.weeblysite.com/ Phishing
2022-11-28 2 bt-108449.weeblysite.com/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.97
Date UQ / IDS / BL URL IP
2023-02-05 14:52:44 +0000 0 - 0 - 5 att-106942.weeblysite.com/ 199.34.228.97
2023-02-05 14:11:48 +0000 0 - 0 - 15 mail-102801.weeblysite.com/ 199.34.228.97
2023-02-05 13:04:03 +0000 0 - 0 - 27 att-109781.weeblysite.com/ 199.34.228.97
2023-02-05 12:45:21 +0000 0 - 0 - 5 xzccfdjdhdfh.weeblysite.com/ 199.34.228.97
2023-02-05 07:17:01 +0000 0 - 0 - 2 axxtxx.weeblysite.com/ 199.34.228.97


Last 5 reports on ASN: WEEBLY
Date UQ / IDS / BL URL IP
2023-02-05 16:08:33 +0000 0 - 0 - 18 printablemom.com/ 199.34.228.164
2023-02-05 14:52:44 +0000 0 - 0 - 5 att-106942.weeblysite.com/ 199.34.228.97
2023-02-05 14:38:45 +0000 0 - 0 - 5 att-108645-100332.weeblysite.com/ 199.34.228.96
2023-02-05 14:14:28 +0000 0 - 0 - 22 mail-103100.weeblysite.com/ 199.34.228.96
2023-02-05 14:11:48 +0000 0 - 0 - 15 mail-102801.weeblysite.com/ 199.34.228.97


Last 5 reports on domain: weeblysite.com
Date UQ / IDS / BL URL IP
2023-02-05 14:52:44 +0000 0 - 0 - 5 att-106942.weeblysite.com/ 199.34.228.97
2023-02-05 14:38:45 +0000 0 - 0 - 5 att-108645-100332.weeblysite.com/ 199.34.228.96
2023-02-05 14:14:28 +0000 0 - 0 - 22 mail-103100.weeblysite.com/ 199.34.228.96
2023-02-05 14:11:48 +0000 0 - 0 - 15 mail-102801.weeblysite.com/ 199.34.228.97
2023-02-05 14:06:55 +0000 0 - 0 - 24 gtdhdytjfy.weeblysite.com/ 199.34.228.96


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-05 14:52:44 +0000 0 - 0 - 5 att-106942.weeblysite.com/ 199.34.228.97
2023-02-05 12:45:21 +0000 0 - 0 - 5 xzccfdjdhdfh.weeblysite.com/ 199.34.228.97
2023-02-05 10:23:18 +0000 0 - 0 - 5 yahoo-105679.weeblysite.com/ 199.34.228.96
2023-02-05 04:11:53 +0000 0 - 0 - 5 mail-101245.weeblysite.com/ 199.34.228.97
2023-02-04 22:34:55 +0000 0 - 0 - 5 att-101836.weeblysite.com/ 199.34.228.96

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (22)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3954
Expires: Mon, 28 Nov 2022 08:13:55 GMT
Date: Mon, 28 Nov 2022 07:08:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5725
Cache-Control: max-age=104317
Date: Mon, 28 Nov 2022 07:08:01 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:06:38 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4901
Expires: Mon, 28 Nov 2022 08:29:42 GMT
Date: Mon, 28 Nov 2022 07:08:01 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 06:19:32 GMT
cache-control: public,max-age=3600
age: 2909
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: nHHrOoAdX0lrENtxAaaC5MpM2n9xb7chIJk6gOqFLmXVjbgf3YOSWaAJqqikP2nYWOqNhMrC07Poy/FL4V3vXQ==
x-amz-request-id: D4M0954AKWRBDAJ6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 06:41:57 GMT
age: 1564
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: bt-108449.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.34.228.97
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Mon, 28 Nov 2022 07:08:01 GMT
Location: https://bt-108449.weeblysite.com
Set-Cookie: publishedsite-xsrf=eyJpdiI6IkJUVUh6V0dqRHpSTWVHNEJ1a1VYRlE9PSIsInZhbHVlIjoiSzh0N0I1dUF4ZXUwR0czTTk5dFJcL3VTWHBteWlabFozNG9LK1NVMjkyejh0SlJtQjJLMFRPVUM4a1lrOUhuNmNcL2hKUFV6XC8wbXZFV2xIQTlUQXJqUkZKQml6WlhEc1VcLzJzVEx6bHE1cWJJdE9lekRcL0tJOWE3V2U2ZW5OT0VpZiIsIm1hYyI6IjI2NDJlNmJhMTMxYzhmNjc2Njg0ZTVlZDExYmJmYzVjNmI5OWMyMTU4Y2RiY2JjNzFhNzc5MTFjOWRjNDM5ZjkifQ%3D%3D; expires=Mon, 12-Dec-2022 07:08:01 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6ImdDbFRDYUw5U0xueWxPZ3dpd0NTS3c9PSIsInZhbHVlIjoiQUU3Z2VhZTBseUdkRTNsN3ZMTTM4RmE1SzdhMEVsd01hejNodVc5SkU4MlUwXC9keGNSS21XUEY0TUlDV0Juc09hYVwvN05ITklRYXd2bEZTTHE3Z2diQk5hZENCZ0EwQ3BtNWVvRENsS09QWStNdm1zbHhUVkM5ZXF4MjBySFJSMSIsIm1hYyI6ImNlODljN2Y4MDJjMzhhZDkwYTRmMWQwYWQ4YmVmNmNkZmY4NGViN2I4NWU5M2ZlM2IxNGJmODYyOTkyYWY1ODYifQ%3D%3D; expires=Mon, 12-Dec-2022 07:08:01 GMT; Max-Age=1209600; path=/ PublishedSiteSession=eyJpdiI6IkszMXZcL1lVZmNEa3JXamhBbThHRExBPT0iLCJ2YWx1ZSI6IkNKbksxQW1vYWxselRHWkJjYVZcL0dEQWY4Mys2S3R5dFdzV29pS2orS09NVjl0SUVYUjhNTExPVVBoK0FZbVlveDhZUm0yXC9Bd0tBWVVMNFM5MFFIMGpTRXJERkhQY0prVUFKbXMyaGIxYXM4cGR6bTg0UEFGSlE4Uk4zdzUwUzkiLCJtYWMiOiJlYThiYmU0YzZjMjRlNzBlMTlhZmI0OTkyM2FiYThjODlhYjE0NWY1MjIzNDAyMmY2ZWM2NjAxNDVkZWJhM2Y4In0%3D; expires=Mon, 12-Dec-2022 07:08:01 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu42.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 2f638e556b1e76b47d6a4309c65fc557


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   374
Md5:    d2162c48d6aa8bde591c9f78f1f18e51
Sha1:   a8f10e72b4a881438fe2230ce68f93e2adcd8d6c
Sha256: 4485f9b6ff307892de4485bb2b86ba190dfd9ec3ae89b6c592d48d011a584b5f

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 07:08:01 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 06:08:55 GMT
cache-control: public,max-age=3600
age: 3546
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3120
Cache-Control: max-age=166151
Date: Mon, 28 Nov 2022 07:08:02 GMT
Etag: "63843829-1d7"
Expires: Wed, 30 Nov 2022 05:17:13 GMT
Last-Modified: Mon, 28 Nov 2022 04:25:13 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4972
Cache-Control: max-age=98502
Date: Mon, 28 Nov 2022 07:08:02 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:29:44 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kwZHR4I6a1FWWjFcESDbRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.1.35
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: spXMVsUYhVV0ZALLcWCamebbdW0=

                                        
                                            GET / HTTP/1.1 
Host: bt-108449.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.34.228.96
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 28 Nov 2022 07:08:02 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6Ik9IM1hmTXpaemFpMHpVc0RzSEtiWGc9PSIsInZhbHVlIjoiQ2xKVDVrSkF1XC9xUDJRQU9aUktFK1dDeFBDMSt3dGp6ajRpbUlhR1F6QWZiS1RpZkc4YjVRdkMzOXVSdkhhUnpDVmpUSW9wNzRTeTFHaTh1MGQ1emdJazZoNm0rQmdpYTZOK3kwZUZsamlST3ZzeVYyWlwvNzc4SDMyamFRazF3RCIsIm1hYyI6IjJkMTZjOTY2ODllOWU3YmVmN2EwNTRiY2E1OGE5M2FmYTAzOGE0YmY3MGFlNGQxOGIxZmVkMGI1ZTM4YzIwNjcifQ%3D%3D; expires=Mon, 12-Dec-2022 07:08:02 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6InI4enptYTlYRmFvT1R6VnZ2WkVsamc9PSIsInZhbHVlIjoiTHRiYjZSS2Vmc0doeGlpbjlFVzRzRXlqTlB6OHlIVElqc2RFOENkTzZ0bFFQczRUUUZkbkltT0ZrbHUwYjlxYXJIaFBMVm5VbDlyOTZXazJKWkJpTTVGTTVGbnhtSTBIajdNMDd1Yzk5XC9GcUVBRlBmODY2OXllZk9pa2VITzE0IiwibWFjIjoiMTQyMzEwYTY5N2RmMmQ5YzJhMTUwNGNkYjIxODIyNTQ2NGUxMmZiZjBlZjIyNjZlYzgwY2Y4YzRkZjg0ZDVjYiJ9; expires=Mon, 12-Dec-2022 07:08:02 GMT; Max-Age=1209600; path=/ PublishedSiteSession=eyJpdiI6IjNoQnEwVlJqZnhROU1TWm92UTd3a1E9PSIsInZhbHVlIjoianhpMEZoZ0lIRzZrczRvUzR3c08yakxGUVdjVm1ib2RPQThHV1MzbHBaRHhpSlVPWU9MZHcrTjFodjE3TmUyK2UySjlUVHN0MUNvWGt3NVpFRWQyWjYzM2VSMjRJVGZ2dnAwdWp4THBRM2JnKzY4dVNHMnNQZWg3eUVXR3NHa1ciLCJtYWMiOiIwNmRjODI1ZjljMzRlNDk5MGQ5MjU0NTMwNzU4NTc3MzJlZGQ4ZWYxYmNiN2FhOWEzMzlmZWRkOTZmODYzMmVjIn0%3D; expires=Mon, 12-Dec-2022 07:08:02 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn69.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 5c2b3b7b820317c88828defd7e690748
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   620
Md5:    609283f0abd216f052c6b32877678dfb
Sha1:   990ea8c9bac587ffc680dfdcaf54706c0ee3288b
Sha256: 2c02a57d702cb0cf240374bb61b7724b408b998b9cd9825bc0e55f74f27cc10d

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bt-108449.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-108449.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6Ik9IM1hmTXpaemFpMHpVc0RzSEtiWGc9PSIsInZhbHVlIjoiQ2xKVDVrSkF1XC9xUDJRQU9aUktFK1dDeFBDMSt3dGp6ajRpbUlhR1F6QWZiS1RpZkc4YjVRdkMzOXVSdkhhUnpDVmpUSW9wNzRTeTFHaTh1MGQ1emdJazZoNm0rQmdpYTZOK3kwZUZsamlST3ZzeVYyWlwvNzc4SDMyamFRazF3RCIsIm1hYyI6IjJkMTZjOTY2ODllOWU3YmVmN2EwNTRiY2E1OGE5M2FmYTAzOGE0YmY3MGFlNGQxOGIxZmVkMGI1ZTM4YzIwNjcifQ%3D%3D; XSRF-TOKEN=eyJpdiI6InI4enptYTlYRmFvT1R6VnZ2WkVsamc9PSIsInZhbHVlIjoiTHRiYjZSS2Vmc0doeGlpbjlFVzRzRXlqTlB6OHlIVElqc2RFOENkTzZ0bFFQczRUUUZkbkltT0ZrbHUwYjlxYXJIaFBMVm5VbDlyOTZXazJKWkJpTTVGTTVGbnhtSTBIajdNMDd1Yzk5XC9GcUVBRlBmODY2OXllZk9pa2VITzE0IiwibWFjIjoiMTQyMzEwYTY5N2RmMmQ5YzJhMTUwNGNkYjIxODIyNTQ2NGUxMmZiZjBlZjIyNjZlYzgwY2Y4YzRkZjg0ZDVjYiJ9; PublishedSiteSession=eyJpdiI6IjNoQnEwVlJqZnhROU1TWm92UTd3a1E9PSIsInZhbHVlIjoianhpMEZoZ0lIRzZrczRvUzR3c08yakxGUVdjVm1ib2RPQThHV1MzbHBaRHhpSlVPWU9MZHcrTjFodjE3TmUyK2UySjlUVHN0MUNvWGt3NVpFRWQyWjYzM2VSMjRJVGZ2dnAwdWp4THBRM2JnKzY4dVNHMnNQZWg3eUVXR3NHa1ciLCJtYWMiOiIwNmRjODI1ZjljMzRlNDk5MGQ5MjU0NTMwNzU4NTc3MzJlZGQ4ZWYxYmNiN2FhOWEzMzlmZWRkOTZmODYzMmVjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.96
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Mon, 28 Nov 2022 07:08:02 GMT
Content-Length: 1
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 20:17:36 GMT
x-rgw-object-type: Normal
ETag: "93b885adfe0da089cdf634904fd59f71"
x-amz-meta-s3cmd-attrs: atime:1586895392/ctime:1586718963/gid:0/gname:root/md5:93b885adfe0da089cdf634904fd59f71/mode:33188/mtime:1586718963/uid:0/uname:root
x-amz-request-id: tx000000000000001ac69fa-00628473f9-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn149.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 108cf6bb5b4d0b64490f72c449eebce4


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - openphish: BT Group plc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _jTN1lFL0_PS-9DYgE6O2V6s6AYnlGJs0xCEHn761Mxq_asytlaRoQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:40 GMT
age: 33383
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10119
Md5:    15bd53848c7082464273007e010c54e0
Sha1:   9a3ca698ca1aeae695923277ed2244465e01a1ea
Sha256: 36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4708
x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JFbXIAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6FSZ3Zw-s95LlrU3skAr5_g6m36c9SQ9_6vA3HFbMKYTTFzJRBJ76w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:43 GMT
age: 31280
etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4708
Md5:    4060284252d32701c42e2df4a83970a0
Sha1:   a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da
Sha256: 53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 33405
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6263
Md5:    b24e349e9d22fb30fbc80497b512cead
Sha1:   c033d1ecdb9e7640f3df044e39053bed8292fcbc
Sha256: 2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 32777
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8568
x-amzn-requestid: da2726a2-20ad-4201-b4e9-3de9be88a485
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7-BHcUIAMFieA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f3-370921803a9de7e627682c94;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MPWvdL-woEL21aHiMtzg--1Z1p2w9y0XTGxb445LyuMVlWTp4nsMQw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:30 GMT
age: 31893
etag: "16096289cd354fada56dbb3f2d75d406ae8ab62f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8568
Md5:    13f4c2b3410532b6c756990f1759da46
Sha1:   16096289cd354fada56dbb3f2d75d406ae8ab62f
Sha256: 9894d998a884f2b5637bd12b0cd3df556835ea7a3134eb0f516fc03e3d31c26c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 33414
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7556
Md5:    7e5051d8c06f69e1842a9295ce256a36
Sha1:   1a542a53ba0b1cd0fb23257ebed8166555f16dfb
Sha256: a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41