Report - webmail.robusduct.com/

Report Overview

Submitted URL
webmail.robusduct.com/
IP
103.191.208.50
ASN
#0
Submitted
2023-03-25 23:50:11
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
ocsp.comodoca.com	1696	2012-05-21T09:01:17Z	2023-03-29T10:52:11Z	341 B	1.0 kB	104.18.32.68
www.milesweb.in	unknown	2018-03-28T14:46:26Z	2023-03-26T00:50:00Z	811 B	9.8 kB	103.191.208.201
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	431 B	2.3 kB	172.217.21.170
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.39.77.173
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	509 B	46 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	68 kB	34.120.237.76
webmail.robusduct.com	unknown	2019-06-05T18:04:24Z	2023-03-26T00:49:54Z	5.4 kB	93 kB	103.191.208.50
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	1.7 kB	3.5 kB	142.250.74.131
ka-f.fontawesome.com	3598	2019-12-17T07:36:13Z	2023-03-29T05:34:09Z	1.8 kB	9.1 kB	172.64.169.22
kit.fontawesome.com	1868	2019-12-16T20:51:31Z	2023-03-29T05:25:02Z	410 B	650 B	104.18.23.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-25	medium	webmail.robusduct.com/	Malware
2023-03-25	medium	webmail.robusduct.com/	Malware
2023-03-25	medium	webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/cpanel-tutorial.svg	Malware
2023-03-25	medium	webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/FAQ3.svg	Malware
2023-03-25	medium	webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/pool-of-knowledge.svg	Malware
2023-03-25	medium	webmail.robusduct.com/cPanel_magic_revision_1678963566/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	kit.fontawesome.com/eb54a157e0.js	11 kB	2023-03-14	2023-03-29
Pretty URL kit.fontawesome.com/eb54a157e0.js IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:23:51 Last Seen2023-03-29 22:40:24 Times Seen3 Hash a0fe05940fd75cae9ac827afe793462e 4360be9327815adbd65abc1d150b7cce78d0cb82 b306d720a2d765209c4f7d5fe6eb5939e5764717424f38d7c91a5257b542560e Loading...

	webmail.robusduct.com/	84 B	2023-03-07	2024-04-18
Pretty URL webmail.robusduct.com/ IP 103.191.208.50 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-18 12:54:36 Times Seen1350 Hash f88baf75b8e07dd7ec741e96546bc4f7 a74b22312f7ce6ea751190a32f188b305f2e71e3 1e5f5c8697f7a5934a4e88d298805feb7272c5ae7b1a357b44ec0b5289b60a50 Loading...

	webmail.robusduct.com/	20 kB	2023-03-29	2023-03-29
Pretty URL webmail.robusduct.com/ IP 103.191.208.50 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:40:24 Last Seen2023-03-29 22:40:24 Times Seen1 Hash b8c6365229543b4d7213dba7b61ff049 ebc8de4b2390ff9169cf9ca47f0fcc84814207a3 3437f1fb019478b2fa5199b51d27f527fbe9f91dec799886c371e0de3b369703 Loading...

	webmail.robusduct.com/	180 B	2023-03-08	2023-03-29
Pretty URL webmail.robusduct.com/ IP 103.191.208.50 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:07:59 Last Seen2023-03-29 22:40:24 Times Seen3 Hash 0a7a3740cad4a1ad7a691f24d984464d e701895ebf819a1154fa151ce80bf88c36880c39 5957548727fc1b5ac323e7168c8833c79effa9fcf44004b658b78753481fc80f Loading...

HTTP Transactions (44)

URL IP Response Size

webmail.robusduct.com/

103.191.208.50

301 Moved Permanently

114 B

URL HTTP/1.1
webmail.robusduct.com/
IP
103.191.208.50:0
ASN
#0

File type
HTML document text\012- HTML document, ASCII text
Size
114 B (114 bytes)
Hash
450e436d1680391da925bb405514c5b6
0cf3e4fb4558d3efff5862c6125b82f9fe8f913b
d95a926753c980e3235827bdf8f54308e05e63e1d164eb4c81eac8391413f01b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 25 Mar 2023 23:50:00 GMT
Content-Type: text/html; charset="utf-8"
Content-Length: 114
location: https://webmail.robusduct.com/
cache-control: no-cache, no-store, must-revalidate, private

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10082
Expires: Sun, 26 Mar 2023 02:38:02 GMT
Date: Sat, 25 Mar 2023 23:50:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12121
Expires: Sun, 26 Mar 2023 03:12:01 GMT
Date: Sat, 25 Mar 2023 23:50:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 23:27:46 GMT
content-type: application/json
age: 1335
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9bb70197d53617b5e6889b890dd2ae26
f3e9b8a743de494529baf2d078a622539f965307
a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3798
Expires: Sun, 26 Mar 2023 00:53:19 GMT
Date: Sat, 25 Mar 2023 23:50:01 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RhR5yG/0AwaHaVElzKiw0Vx/OtU6sQe5rxgjsakDHDy7SOEhfhXPN/aLP0hqSGSFYC/WRvrpOuk=
x-amz-request-id: H140BNQCD8R4EK5S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 22:55:05 GMT
age: 3296
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.comodoca.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8d36a6f514cdef7492ff0eaef56b6276
6a1060e0036f58ee30663140477cd47db874c501
85d2f2e4f198fdd9dbeb411bba736076cce523cfb185c6ce8944c7cb5e871dde

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 23:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 01:08:20 GMT
Expires: Fri, 31 Mar 2023 01:08:19 GMT
Etag: "6a1060e0036f58ee30663140477cd47db874c501"
Cache-Control: max-age=436099,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7adb0dc28a74b4ee-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 23:14:33 GMT
age: 2128
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Sun, 26 Mar 2023 00:48:31 GMT
Date: Sat, 25 Mar 2023 23:50:01 GMT
Connection: keep-alive

webmail.robusduct.com/

103.191.208.50

200 OK

15 kB

URL HTTP/2
webmail.robusduct.com/
IP
103.191.208.50:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10609)
Size
15 kB (14590 bytes)
Hash
fc029801c2bcbc881d4adfcd272f697c
ccbb042d856bbaf9ac623a741d4f1bec6495e120
ab8915dd06bdfa1b13da7bd6990a29c5355c9cba36f21c263382bc9306710536

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:01 GMT
content-type: text/html; charset="utf-8"
content-length: 14590
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
set-cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; HttpOnly; path=/; port=443; secure
roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_sessauth=expired; HttpOnly; domain=webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=443; secure
PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
imp_key=expired; HttpOnly; domain=webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_cookies=enabled; HttpOnly; expires=Sun, 24-Mar-2024 23:50:01 GMT; path=/; port=443; secure
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:50:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:50:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.39.77.173

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.77.173:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ft40ZfCviP1Z4c63sVSAXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zQxxHOwFkdrT90psH8IdH5bMJw8=

webmail.robusduct.com/cPanel_magic_revision_1664857947/unprotected/MWTheme/style_v2_optimized.css

103.191.208.50

200 OK

33 kB

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1664857947/unprotected/MWTheme/style_v2_optimized.css
IP
103.191.208.50:0
ASN
#0

File type
ASCII text, with very long lines (36021)
Size
33 kB (32649 bytes)
Hash
e6874143b8151d822f463704d3c4e52c
96b9fa23fe89a28fb62f591cd2db126116ff54a7
b69ad070341e1c799775aea4303b080e8c4b835c6df60673b7af9a0a007f59ff

HTTP Headers

GET /cPanel_magic_revision_1664857947/unprotected/MWTheme/style_v2_optimized.css HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: text/css
content-length: 32649
last-modified: Tue, 04 Oct 2022 04:32:27 GMT
cache-control: max-age=5184000, public
expires: Wed, 24 May 2023 23:50:01 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/cpanel-tutorial.svg

103.191.208.50

200 OK

301 B

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/cpanel-tutorial.svg
IP
103.191.208.50:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (539), with no line terminators
Size
301 B (301 bytes)
Hash
2e6afcb2b3187b8022d51e0b15966a94
87d2ac4ede7ba0d9f8e35e98f3021c2b045d0f25
5a4518eef4815e8835292de4391b26908a61497851f3e6681b6b9ef0163b39e3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cPanel_magic_revision_1652458542/unprotected/MWTheme/images/cpanel-tutorial.svg HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: image/svg+xml
content-length: 301
last-modified: Tue, 04 Oct 2022 04:32:29 GMT
cache-control: max-age=5184000, public
expires: Wed, 24 May 2023 23:50:02 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/refer-&-earn.svg

103.191.208.50

200 OK

515 B

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/refer-&-earn.svg
IP
103.191.208.50:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1091), with no line terminators
Size
515 B (515 bytes)
Hash
ee5be232738344aad6819d6d20e17413
960ad1ac4f40c31014bf343637fe25a44d5d318a
263bbe6e257ef04cebef397dc676ec9585ebd84f53ba6230c0fa95922060432b

HTTP Headers

GET /cPanel_magic_revision_1652458542/unprotected/MWTheme/images/refer-&-earn.svg HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: image/svg+xml
content-length: 515
last-modified: Tue, 04 Oct 2022 04:32:32 GMT
cache-control: max-age=5184000, public
expires: Wed, 24 May 2023 23:50:02 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/FAQ3.svg

103.191.208.50

200 OK

327 B

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/FAQ3.svg
IP
103.191.208.50:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (646), with no line terminators
Size
327 B (327 bytes)
Hash
f052e1206289d0e2798fe33eabff6db4
08ef3656391bdc1a70c4cd6b663386191f787c88
d4a9b6649e7ce820d2afb3d1fd1ce1583de0d5d031790024152160a349bb57c3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cPanel_magic_revision_1652458542/unprotected/MWTheme/images/FAQ3.svg HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: image/svg+xml
content-length: 327
last-modified: Tue, 04 Oct 2022 04:32:29 GMT
cache-control: max-age=5184000, public
expires: Wed, 24 May 2023 23:50:02 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

webmail.robusduct.com/cPanel_magic_revision_1663837273/unprotected/MWTheme/login.css

103.191.208.50

200 OK

439 B

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1663837273/unprotected/MWTheme/login.css
IP
103.191.208.50:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
439 B (439 bytes)
Hash
75e5b5248271fb0b6548a46b826ac875
370b3c2cb0ee5955c8160721a2a61f711f3f4d7f
859c40886b6bb8da2214c33b4cb1b365390c9db3f09a018bd68a7d9badb53ae6

HTTP Headers

GET /cPanel_magic_revision_1663837273/unprotected/MWTheme/login.css HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: text/css
content-length: 439
last-modified: Tue, 04 Oct 2022 04:32:24 GMT
cache-control: max-age=5184000, public
expires: Wed, 24 May 2023 23:50:02 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/pool-of-knowledge.svg

103.191.208.50

200 OK

536 B

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/pool-of-knowledge.svg
IP
103.191.208.50:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1447), with no line terminators
Size
536 B (536 bytes)
Hash
285a37f065c7c96d266baa944da43537
422b880809ed5799d0ce15ed512d68fa1b2b8a49
0541f1f62a862d6718c03a6751678e957069287e2ab1e86d058f2e4e9b8c70b8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cPanel_magic_revision_1652458542/unprotected/MWTheme/images/pool-of-knowledge.svg HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: image/svg+xml
content-length: 536
last-modified: Tue, 04 Oct 2022 04:32:32 GMT
cache-control: max-age=5184000, public
expires: Wed, 24 May 2023 23:50:02 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/c-panel-login.png

103.191.208.50

200 OK

21 kB

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1652458542/unprotected/MWTheme/images/c-panel-login.png
IP
103.191.208.50:0
ASN
#0

File type
PNG image data, 1384 x 947, 8-bit colormap, non-interlaced\012- data
Size
21 kB (21063 bytes)
Hash
deee7f868017d82d9d4d03d32b312f3c
b456d2d2b1eed40ce3c2b4ed11c06446b6b9496a
c789737d435d86e7e7b9df0ef8432268cc11d411961e3fec962b59a0b36bc96c

HTTP Headers

GET /cPanel_magic_revision_1652458542/unprotected/MWTheme/images/c-panel-login.png HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: image/png
content-length: 21063
last-modified: Tue, 04 Oct 2022 04:32:29 GMT
cache-control: max-age=5184000, public
expires: Wed, 24 May 2023 23:50:02 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

webmail.robusduct.com/cPanel_magic_revision_1678963566/

103.191.208.50

200 OK

15 kB

URL HTTP/2
webmail.robusduct.com/cPanel_magic_revision_1678963566/
IP
103.191.208.50:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10609)
Size
15 kB (14604 bytes)
Hash
bd5141e09bd3bfd4b67fe3c77ff6ea91
8c74f91990b961846a27bd451af77ee5824a4345
aa5f345923fba5464bde68cf1ae9c859b01c117cb3df501c92924ed877c5c777

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cPanel_magic_revision_1678963566/ HTTP/1.1
Host: webmail.robusduct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Cookie: webmailsession=%3a5WMFTOwnrd4Rjq_M%2c6ba0148a4a4bfda9be391e3b9394a841; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: text/html; charset="utf-8"
content-length: 14604
cache-control: no-cache, no-store, must-revalidate, private
pragma: no-cache
set-cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
webmailsession=%3aJAvkn8VC1LxCpRcH%2c47117abac258366ad7ea5d857308cddd; HttpOnly; path=/; port=443; secure
roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_sessauth=expired; HttpOnly; domain=webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=443; secure
PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
imp_key=expired; HttpOnly; domain=webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.robusduct.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_cookies=enabled; HttpOnly; expires=Sun, 24-Mar-2024 23:50:02 GMT; path=/; port=443; secure
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

www.milesweb.in/styles/open-sans.css

103.191.208.201

200 OK

728 B

URL HTTP/2
www.milesweb.in/styles/open-sans.css
IP
103.191.208.201:0
ASN
#0

File type
ASCII text
Size
728 B (728 bytes)
Hash
1a27b99b0758c7faaffec0c49a3106d3
c40685371a6e32943617cf16e83be89191a8d498
1fd427a3f6788733a0a41723dfcc4773b3f9e0a05cd111c16bd88acfdc1ac378

HTTP Headers

GET /styles/open-sans.css HTTP/1.1
Host: www.milesweb.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Mon, 24 Apr 2023 23:50:02 GMT
content-type: text/css
last-modified: Sat, 16 Apr 2022 09:33:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 728
date: Sat, 25 Mar 2023 23:50:02 GMT
server: LiteSpeed
x-frame-options: DENY
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

www.milesweb.in/img-assets/logo/milesweb.png

103.191.208.201

200 OK

8.0 kB

URL HTTP/2
www.milesweb.in/img-assets/logo/milesweb.png
IP
103.191.208.201:0
ASN
#0

File type
PNG image data, 190 x 61, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8025 bytes)
Hash
f9d38e220fa356f9192f0f66989c7cc3
d1a7cfca3dd0da4644cae8bbfc85d59e018771e5
82a3183af2bd1487a1909f8413137415ca81aa6a698c078c804bc27d503259ce

HTTP Headers

GET /img-assets/logo/milesweb.png HTTP/1.1
Host: www.milesweb.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sun, 24 Mar 2024 23:50:02 GMT
content-type: image/png
last-modified: Mon, 06 Jun 2022 06:25:34 GMT
accept-ranges: bytes
content-length: 8025
date: Sat, 25 Mar 2023 23:50:02 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: DENY
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:50:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:50:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 23:50:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://webmail.robusduct.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:42 GMT
expires: Sat, 23 Mar 2024 10:26:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 134600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-shims.min.css?token=eb54a157e0

172.64.169.22

200 OK

4.8 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-shims.min.css?token=eb54a157e0
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27377)
Size
4.8 kB (4803 bytes)
Hash
ecddc1a3ed66738d4df4a2a47a521c59
28d983e94b5e068f50de8e6f1d6e87aa01479194
a745b7ed0972cda35aa6c2a5139c1ed38c18d0f33293ff879bc4e5d3a85cc731

HTTP Headers

GET /releases/v6.3.0/css/free-v4-shims.min.css?token=eb54a157e0 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webmail.robusduct.com/
Origin: https://webmail.robusduct.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
etag: W/"3a57f9df341838cc106903c71730d13b"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24639548230786af4bba1a9e26c6080e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: aSUqy_R6-XTXr0EPR0A17eo5wn372cIUxMhElX58BizwwKAsyOxb7g==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H87AioowppbyGc1bz0sCIVQzPaN%2B5d7Cf7Elgh3O3NmSkbExg3mRnzw1l5%2B38BS5UQK8X9w2tOk7YFPpm0N82Ykt9k7NagaFWTR1hr%2FzTBLig6ULF%2Bh%2FJQL6kbbFyq25MjLdGTrFZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7adb0dca0ab87200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700&display=swap

172.217.21.170

200 OK

1.7 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700&display=swap
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
data
Size
1.7 kB (1708 bytes)
Hash
26d9286092f3c6f946d756c8fb558a62
30e5d1fa6988c6ab69774f64cfdfa38569d05fed
202f9a5eebfacc2f624f7910f051781545681c61c15e4a1b79ca186b5f9d2456

HTTP Headers

GET /css2?family=Open+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 23:50:01 GMT
date: Sat, 25 Mar 2023 23:50:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 23:50:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 23:50:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 23:50:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 23:50:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4000 bytes)
Hash
85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 64419
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6566 bytes)
Hash
ffef80630953d486de654abbb5d40ccd
06323c322ac667e3388bba406222121607eb804a
b853a741069e96d8430d766bb1422e50488622729bd069e29b8839ddc5743822

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6566
x-amzn-requestid: 0a9abca1-24c3-4adf-8509-f8ebcab1c24d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smEZFIAMFyFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-6ce8a53e779d724a11af3531;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ibxm5Q-obzgZHNavKjqxgcgY9ePeF9PTC8wPzjE8fERmyVxaxnahKQ==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "06323c322ac667e3388bba406222121607eb804a"
content-type: image/jpeg
age: 7976
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3589 bytes)
Hash
1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:21 GMT
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
age: 7962
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11100 bytes)
Hash
908bd7a6c220345e72fa664f871424c4
61a5d3f11e85d5fd77192701c305cb8651aa6395
9531f5b25cab1030aa579aa9f3b369ecb9daf0b929573897c6516520c06084a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11100
x-amzn-requestid: 3021b51a-674d-45d7-9939-9257330c0dbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1hQFs1oAMFb0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f693a-0200a29207f6a3f5074c3cf1;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: NWvCK-Z608BCGDZIvuqVJ2wBQxwRoRmfjnxeDEcvzHZ7877go8IpRw==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:22 GMT
etag: "61a5d3f11e85d5fd77192701c305cb8651aa6395"
content-type: image/jpeg
age: 7961
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a195fab-643a-48cc-8f4e-51e27511b474.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5424 bytes)
Hash
c8a2437b3c9ab01cd0e2327d4be5c61a
33573e5a6b6c1912702040c6d880c362baf0c3db
2556646c122f89bfce8467d13bf05e68f735373c8c18a33f7258f37f602673cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a195fab-643a-48cc-8f4e-51e27511b474.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5424
x-amzn-requestid: b03169ca-0cc0-49f5-b785-5e29d70048cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWGCnIAMFf7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-679415d416cf3b666ec128be;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: cMFdcKw6RZYIg35YKKDuetMlSGtT-g4Kc2L-BHA5s0877l_Gg-PqUw==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "33573e5a6b6c1912702040c6d880c362baf0c3db"
content-type: image/jpeg
age: 7976
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

31 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fb4561-4e9a-4728-817a-dc7935921c78.gif
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 296 x 148\012- data
Size
31 kB (30715 bytes)
Hash
cb02719790621d275340a9f1302ad716
49d537f5017c791f5cf1757a99dffad2aedfb111
4d7be52572d52cd74432b3e32fd1b6e2975a0f7b7090d7f26f46c724647bf099

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fb4561-4e9a-4728-817a-dc7935921c78.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 30715
x-amzn-requestid: 0c3fb7fe-a3a6-4cff-9bdf-e3d45a9d5ff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi6YHaOoAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b75-15abd6411d64661b3e73de78;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9zS033UuOJMwNkrxTBQuEUmuSVCnifR9l7eNPmPmy_mSpzH8q23C8Q==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 07:36:40 GMT
age: 58403
etag: "49d537f5017c791f5cf1757a99dffad2aedfb111"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-font-face.min.css?token=eb54a157e0

172.64.169.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-font-face.min.css?token=eb54a157e0
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.3.0/css/free-v4-font-face.min.css?token=eb54a157e0 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webmail.robusduct.com/
Origin: https://webmail.robusduct.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
etag: W/"00bb3d26f3fee308e5747eb9f5760b48"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4e17b9920844b6a8df812cad8c3506ec.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: Nf21fz6r1G-2rpZN0jGnZe7Vx3HMFe53HeFQvow4L6ZN7IA5aqV3vQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zd6BPPN0KU1WZQfUX29MNFZXNhcJnbZLsfPeOCL0bf32AW%2BbTpRxx7jQiyLkyjyA4IKarcM0UPS%2FOwsdzSHRD9yyrAsjtvFkdxNev6IyUHBDNFjB8d0yD1qosFmtkjESJ1aDcN2Ufw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7adb0dca0abc7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.3.0/css/free-v5-font-face.min.css?token=eb54a157e0

172.64.169.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.3.0/css/free-v5-font-face.min.css?token=eb54a157e0
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.3.0/css/free-v5-font-face.min.css?token=eb54a157e0 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webmail.robusduct.com/
Origin: https://webmail.robusduct.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
etag: W/"fdedb74e19e1bffdcab908079cabd49a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 90b0c7315c3da3c762112b5b8fdfc0aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: ikyCWxRIv0HsgoZ_XmU7-UiCpF9fe7BSRo92WRvUaq1WigCZF72uyQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US7tWTMbgg2kJLoAbqfqUlUVic%2Fixu8H31TviHjY6r0vOjBV%2BCq2EJPQCcw%2F9JV8LFzjJPSPMmokBpCZ%2FWaDdcYqpWY5fSfZGgY2IsVKYgDrcLNzUOp5y9zHz7fvV%2FNzV3NnfXC1LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb0dca0abe7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.3.0/css/free.min.css?token=eb54a157e0

172.64.169.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.3.0/css/free.min.css?token=eb54a157e0
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.3.0/css/free.min.css?token=eb54a157e0 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webmail.robusduct.com/
Origin: https://webmail.robusduct.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:50:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
etag: W/"b7d524a460c5ceb6420db3aec0be8c92"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6dcc614055ae7b26eae9b754199e9f94.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: u59PGutHCrr1ic7me-zVq3PMLrscs4XIruvY7rf1YG8LXCqHb2I30A==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t1isa2o%2BviDr3jYGe24qXbDQu14naTzOBPdZrcXGGakRpOcAZ%2B2cMM4VdVpZgclkvnAx%2Bm7l9XdNEHdiudar18exrViajXKTU9Z42%2FvjLNolcb1vzdExXf7nexQ4HzO60sQkOFpcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7adb0dca0abf7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kit.fontawesome.com/eb54a157e0.js

104.18.23.52

200 OK

0 B

URL HTTP/2
kit.fontawesome.com/eb54a157e0.js
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eb54a157e0.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webmail.robusduct.com
Connection: keep-alive
Referer: https://webmail.robusduct.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 23:50:01 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F0_Od_K_P_iDi8utKJ0D
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 7adb0dc60e330b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (44)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN