urlquery - report: https://attmailksds.weebly.com/

Overview

URL	https://attmailksds.weebly.com/
IP	199.34.228.54
ASN	WEEBLY
Location	United States
Report completed	2022-07-01 08:39:44 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

Added / Verified	Severity	Host	Comment
2022-06-30	2	attmailksds.weebly.com/	AT&T Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-01	2	attmailksds.weebly.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (10)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	ocsp.digicert.com (2)	86	2012-11-29 12:49:49 UTC	2022-07-01 02:02:36 UTC	93.184.220.29
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	attmailksds.weebly.com (2)	0	No data	No data	199.34.228.54	Domain (weebly.com) ranked at: 4470
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-01 05:02:25 UTC	52.39.43.50
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-01 04:59:48 UTC	34.120.237.76
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-01 04:15:58 UTC	54.230.111.99
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.7
[Mnemonic Passive DNS]	cdn2.editmysite.com (2)	11564	2012-10-02 18:27:39 UTC	2022-07-01 07:33:54 UTC	151.101.85.46
[Mnemonic Passive DNS]	r3.o.lencr.org (2)	344	2020-12-02 08:52:13 UTC	2022-07-01 04:59:48 UTC	23.36.77.32
[Mnemonic Passive DNS]	cdn1.editmysite.com (2)	56529	2012-05-23 06:23:09 UTC	2022-07-01 05:47:55 UTC	151.101.85.46

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 199.34.228.54

Date	UQ / IDS / BL	URL	IP
2022-08-18 04:33:31 +0000	0 - 0 - 0	xacnhanquydoisgd.weebly.com	199.34.228.54
2022-08-17 08:02:34 +0000	0 - 0 - 0	quydoi24h365d.weebly.com	199.34.228.54
2022-08-17 06:52:23 +0000	0 - 0 - 12	2roundpploansignatge.weebly.com/	199.34.228.54
2022-08-17 06:48:03 +0000	0 - 0 - 2	https://33oq-mailhostchiameritechnegslcpcgdnd (...)	199.34.228.54
2022-08-17 06:45:39 +0000	0 - 0 - 8	https://logsfr30.weebly.com/	199.34.228.54
2022-08-15 19:09:44 +0000	0 - 0 - 11	https://frontiersetuplinkupdate.weebly.com/	199.34.228.54
2022-08-14 19:49:03 +0000	0 - 0 - 1	https://layanan-pembatalan-pemblokiran2022.we (...)	199.34.228.54
2022-08-13 19:52:02 +0000	0 - 0 - 18	consulated.weebly.com/	199.34.228.54
2022-08-12 19:12:20 +0000	0 - 0 - 4	https://logon-unil-ch.weebly.com/	199.34.228.54
2022-08-11 08:10:13 +0000	0 - 0 - 0	chuyentienquoctebank.weebly.com	199.34.228.54

Last 10 reports on ASN: WEEBLY

Date	UQ / IDS / BL	URL	IP
2022-08-19 06:45:58 +0000	0 - 0 - 5	https://mailverificationadminsettingsserver.s (...)	199.34.228.40
2022-08-18 20:08:21 +0000	0 - 0 - 3	aol-mail-incworld.square.site/	199.34.228.40
2022-08-18 20:02:58 +0000	0 - 0 - 11	my-businessss123445.square.site/	199.34.228.39
2022-08-18 20:02:44 +0000	0 - 0 - 3	att-106501.square.site/	199.34.228.39
2022-08-18 19:06:01 +0000	0 - 0 - 2	https://btinternet-104129.weeblysite.com/	199.34.228.96
2022-08-18 18:58:19 +0000	0 - 0 - 2	https://bt-108392.weeblysite.com/	199.34.228.96
2022-08-18 18:57:41 +0000	0 - 0 - 2	https://bttqghhxsgw.weeblysite.com/	199.34.228.96
2022-08-18 18:55:04 +0000	0 - 0 - 3	https://dfghfdrtygfdbdsdfghbvcxdfghgfdsdfgt.w (...)	199.34.228.96
2022-08-18 18:37:24 +0000	0 - 0 - 5	att-yahoo101.square.site/	199.34.228.40
2022-08-18 18:37:03 +0000	0 - 0 - 2	https://yahoo-mail-108320.square.site/	199.34.228.40

No other reports on domain: weebly.com

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (21)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3E2650132BC75A58C9B08C2A69EC353237F48E840D9D2481F9D5E63D92ABBC6F" Last-Modified: Wed, 29 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4278 Expires: Fri, 01 Jul 2022 09:50:49 GMT Date: Fri, 01 Jul 2022 08:39:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f877dcf1049551cb05fe926e4b94fb51 Sha1: 2f5c8da538c78853b68ca58a3df5dd64b032291b Sha256: 3e2650132bc75a58c9b08c2a69ec353237f48e840d9d2481f9d5e63d92abbc6f
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.99 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Fri, 01 Jul 2022 03:26:42 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Z_s0KVdZqSoC6XRdJEgF3hVRvgI9xSBriEDFqI7V-5sVatjfbBApMA== age: 18770 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Fri, 01 Jul 2022 07:44:08 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: gQSdijft6VTrmaWIc8K-k6W-4YRquX_C_hULhay60b8OMlQ7wS_CvQ== Age: 3323 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4231 Cache-Control: max-age=102846 Date: Fri, 01 Jul 2022 08:39:31 GMT Etag: "62bd90fa-1d7" Expires: Sat, 02 Jul 2022 13:13:37 GMT Last-Modified: Thu, 30 Jun 2022 12:03:06 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 86ae375a38bdab43ab7ae1c6c15006f3 Sha1: 973057f1aad661421d210066f4bf16cb5999cb8a Sha256: 3f9ec460986595b91d54eb2e2714be1a885532288e511284813051eb41457633
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 08:39:31 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: attmailksds.weebly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368) Size: 3909 Md5: cfb21f4ad5784874888cd24fbaa3567e$ 199.34.228.54 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Fri, 01 Jul 2022 08:39:31 GMT Server: Apache Vary: X-W-SSL,User-Agent Set-Cookie: is_mobile=0; path=/; domain=attmailksds.weebly.com language=en; expires=Fri, 15-Jul-2022 08:39:31 GMT; Max-Age=1209600; path=/ Cache-Control: private X-Host: blu93.sf2p.intern.weebly.net X-UA-Compatible: IE=edge,chrome=1 Content-Length: 3909 Keep-Alive: timeout=10, max=70 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368) Size: 3909 Md5: cfb21f4ad5784874888cd24fbaa3567e Sha1: a9c7841d7a800f61ca2035e87084c27f2ab322f6 Sha256: 2abc9507d57ba45090ba603321cc242dae5876f891c2db90532040281dce0bd0 Alerts: Blocklists: - openphish: AT&T Inc. - fortinet: Phishing
GET /images/weebly-logo-blue.png HTTP/1.1 Host: cdn1.editmysite.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://attmailksds.weebly.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: PNG image data, 174 x 62, 8-bit colormap, non-interlaced\012- data Size: 3740 Md5: 6907726ede4fc851beeafb7b9ff6eeb9$ 151.101.85.46 HTTP/2 200 OK server: nginx content-type: image/png last-modified: Fri, 24 Jun 2022 16:06:35 GMT etag: "62b5e10b-e9c" expires: Sat, 25 Jun 2022 07:53:20 GMT cache-control: max-age=300 x-host: blu106.sf2p.intern.weebly.net access-control-allow-origin: * via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 01 Jul 2022 08:39:32 GMT age: 521472 x-served-by: cache-sjc10044-SJC, cache-bma1665-BMA x-cache: HIT, HIT x-cache-hits: 2, 1 x-timer: S1656664772.078924,VS0,VE1 content-length: 3740 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 174 x 62, 8-bit colormap, non-interlaced\012- data Size: 3740 Md5: 6907726ede4fc851beeafb7b9ff6eeb9 Sha1: 86b1e9af4a07e02a426ec9475e37a13dfcedcb3c Sha256: 2b37ca56c61b7f2f892d75655cc37699ef847dd9139c94171414e5f92ffd97ed
GET /gdpr/gdprscript.js?buildTime=1656620022 HTTP/1.1 Host: attmailksds.weebly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://attmailksds.weebly.com/ Cookie: is_mobile=0; language=en Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368) Size: 3909 Md5: cfb21f4ad5784874888cd24fbaa3567e$ 199.34.228.54 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Fri, 01 Jul 2022 08:39:32 GMT Server: Apache Vary: X-W-SSL,User-Agent Set-Cookie: language=en; expires=Fri, 15-Jul-2022 08:39:32 GMT; Max-Age=1209600; path=/ Cache-Control: private X-Host: grn103.sf2p.intern.weebly.net X-UA-Compatible: IE=edge,chrome=1 Content-Length: 3909 Keep-Alive: timeout=10, max=39 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368) Size: 3909 Md5: cfb21f4ad5784874888cd24fbaa3567e Sha1: a9c7841d7a800f61ca2035e87084c27f2ab322f6 Sha256: 2abc9507d57ba45090ba603321cc242dae5876f891c2db90532040281dce0bd0
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Fri, 01 Jul 2022 08:38:48 GMT Cache-Control: max-age=3600 Expires: Fri, 01 Jul 2022 09:12:38 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: CdvR8W7ubYSwJU6aM_AIHpYqFVvTuHYitRKATJJpeBK2iyXVDpkgDA== Age: 44 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4294 Cache-Control: 'max-age=158059' Date: Fri, 01 Jul 2022 08:39:32 GMT Last-Modified: Fri, 01 Jul 2022 07:27:59 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fac89f1b43bf166583ebb1dad21bdf86 Sha1: c522b0ae51dd3367620badaa9385250949677c32 Sha256: c410309542788052f02c4cc6289ff4ee15e19cfd2f07a13627c9af22c2ec25d1
GET /components/ui-framework/fonts/proxima-nova-regular/31AC96_1_0.woff HTTP/1.1 Host: cdn2.editmysite.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://attmailksds.weebly.com Connection: keep-alive Referer: https://attmailksds.weebly.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format, TrueType, length 46052, version 0.0\012- data Size: 46052 Md5: 61f3bc4fc6146cc65961a8c8e917855a$ 151.101.85.46 HTTP/2 200 OK server: nginx content-type: font/woff last-modified: Tue, 21 Jun 2022 21:11:12 GMT etag: "62b233f0-b3e4" expires: Tue, 05 Jul 2022 22:21:38 GMT cache-control: max-age=1209600 x-host: blu101.sf2p.intern.weebly.net via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 01 Jul 2022 08:39:32 GMT age: 814672 x-served-by: cache-sjc10035-SJC, cache-bma1656-BMA x-cache: HIT, HIT x-cache-hits: 7, 33 x-timer: S1656664772.261126,VS0,VE0 access-control-allow-origin: * content-length: 46052 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format, TrueType, length 46052, version 0.0\012- data Size: 46052 Md5: 61f3bc4fc6146cc65961a8c8e917855a Sha1: 02e25e22cf1c0a26d838a477b1f21bf33b71ca38 Sha256: aabc1a485e0941f1e2927b6a4beed2b368431466977483068bbe367de253a05c
GET /components/ui-framework/fonts/proxima-nova-semibold/31AC96_2_0.woff HTTP/1.1 Host: cdn2.editmysite.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://attmailksds.weebly.com Connection: keep-alive Referer: https://attmailksds.weebly.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format, TrueType, length 45516, version 0.0\012- data Size: 45516 Md5: 861dfbee66a135b4421ba3f0f3bc297f$ 151.101.85.46 HTTP/2 200 OK server: nginx content-type: font/woff last-modified: Fri, 17 Jun 2022 16:29:27 GMT etag: "62acabe7-b1cc" expires: Tue, 05 Jul 2022 09:24:30 GMT cache-control: max-age=1209600 x-host: blu88.sf2p.intern.weebly.net via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 01 Jul 2022 08:39:32 GMT age: 861301 x-served-by: cache-sjc10049-SJC, cache-bma1656-BMA x-cache: HIT, HIT x-cache-hits: 1, 54 x-timer: S1656664772.265335,VS0,VE0 access-control-allow-origin: * content-length: 45516 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format, TrueType, length 45516, version 0.0\012- data Size: 45516 Md5: 861dfbee66a135b4421ba3f0f3bc297f Sha1: 1b379173b64e92893538ff39da0b16410dd5f653 Sha256: abbc659e9c167b41e012d7b7d7f8cf22d4edd74a7ffb85704e213b1418c8b177
GET /developer/none.ico HTTP/1.1 Host: cdn1.editmysite.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://attmailksds.weebly.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: MS Windows icon resource - 1 icon, 16x16\012- data Size: 65 Md5: c88c3b0a67be1aa816661dbd567e7163$ 151.101.85.46 HTTP/2 200 OK server: nginx content-type: image/x-icon last-modified: Wed, 22 Jun 2022 00:05:40 GMT etag: "62b25cd4-57e" expires: Wed, 22 Jun 2022 09:34:54 GMT cache-control: max-age=300 x-host: blu86.sf2p.intern.weebly.net access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 01 Jul 2022 08:39:32 GMT age: 774578 x-served-by: cache-sjc10058-SJC, cache-bma1665-BMA x-cache: HIT, HIT x-cache-hits: 1, 1 x-timer: S1656664772.292496,VS0,VE0 vary: Accept-Encoding content-length: 65 X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16\012- data Size: 65 Md5: c88c3b0a67be1aa816661dbd567e7163 Sha1: e0c36a8570ee2ed2bfcb6a9b3ec3389f98cb1d9c Sha256: 2f506d63f617cb33b2e42f8779a67cb23b191a51cdc86903fd378bfa9b878576
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: CofYlCmwAR2IUT1HmvqBMA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.39.43.50 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: npG+M0FnW+G7404PZ/EOM06wpio= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4341 Expires: Fri, 01 Jul 2022 09:51:54 GMT Date: Fri, 01 Jul 2022 08:39:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc64139e3-1714-4207-9f83-6963efdebdb1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11303 x-amzn-requestid: bb4e28bd-b8fe-46aa-b7e1-9df6f52c9d34 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeQW-EnzIAMFSfw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbfa92-4788a606125c42431ba5c73a;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:09:06 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: FECr8vnUNXIJXah4ilgSdBbkbjEIYjsLUdys3R4NE65S9iuOzjcSwQ== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Fri, 01 Jul 2022 07:42:41 GMT age: 3412 etag: "91d2dc48008a198adb2b740bec1843a146f826c1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2 Sha1: 91d2dc48008a198adb2b740bec1843a146f826c1 Sha256: 2e56992e4642c248dd330fc1343977dedd2ec4e944564214be432f3f390488e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8c568de-dd75-46d8-a4b9-f178f3798a53.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7641 Md5: 204528d6d0fd0a8c0991353d096b4eb0$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7641 x-amzn-requestid: 20b289aa-2eee-4c86-9dcf-10ba4a0f5a90 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UgdXLGCXoAMFkZQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bcdc2d-652396ae74f1146b05c066ea;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 23:11:41 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: nwKljOqoF29FeG9htmVduwRDq73bRydZWpIr-giPVfQMScUt4IMidw== via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 22:03:52 GMT age: 38141 etag: "879055ce294f5227ff9583d2f8f4e5d4333ba66e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7641 Md5: 204528d6d0fd0a8c0991353d096b4eb0 Sha1: 879055ce294f5227ff9583d2f8f4e5d4333ba66e Sha256: 0a7f74062dc45f19a38cf43b91459beaaee359373286de2d0a7d0f82ebb08d24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb04f5dfe-1292-470f-a6e5-5b3dd4a61747.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11008 Md5: 49f18bcaddf0f8e631999310323e3796$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11008 x-amzn-requestid: 64a52ab5-5f82-4fe6-bb55-301ba9996f35 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UREdkGnZoAMFuqQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b6b456-68c9d3cb79efdbb050ba544f;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 07:08:06 GMT x-amz-cf-pop: YVR50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: dl9eHfUdLp7rPus3oIjnKH0r2RbAgIgW6QrD3HbF1E3jnCDolzCdlw== via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 22:04:10 GMT age: 38123 etag: "52759655d9f48d7490d2c60756480aac00135962" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11008 Md5: 49f18bcaddf0f8e631999310323e3796 Sha1: 52759655d9f48d7490d2c60756480aac00135962 Sha256: 79760378c53a5fcb1a99c3eb6b69f07a4af52fc741f054a76f25816f2a4dd91f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6db634e-e239-4b93-881b-a8655a27d650.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8188 Md5: a00287c642d20230cf09897d4c7cf848$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8188 x-amzn-requestid: 27339e76-dbd1-45f6-b0d3-d60795d3402c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uji5yEvRIAMFoEg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be183e-71771e9a59cd04481fa7155b;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 21:40:14 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: iyLcPUUXob_B75mtzJaEBU0CV9Qs99qBmJMQB_X1Py5d-CEkrHYiGg== via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 21:57:04 GMT age: 38549 etag: "bce84b1e6ac56efc7ad37190eeefd129183d2a2b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8188 Md5: a00287c642d20230cf09897d4c7cf848 Sha1: bce84b1e6ac56efc7ad37190eeefd129183d2a2b Sha256: 6e2b5ba420cba4324d3f1232a680ebff32babd2bc7fbc125d16f32b7bdc19b34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F196c4b0a-3347-4c85-bfe0-287634ee9e39.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7889 Md5: 1404cd830c13c9ee41cc493a58359120$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7889 x-amzn-requestid: 1c79bebe-e788-4e0a-a758-be49e5b9aa2b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uji7zGt2oAMFTaA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be184b-4b9da63b24d86eeb74b979e6;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 21:40:27 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 2HkhJIjhZ25Z2ei-oviGi1GtQySDtu2s_zRxSpjrWVr8BfQ9d6Nz3w== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a2c13de7f3df76280ef01a6604863734.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 21:53:19 GMT age: 38774 etag: "d373bc0d83e02d246a8220d47086eb395ffc7e86" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7889 Md5: 1404cd830c13c9ee41cc493a58359120 Sha1: d373bc0d83e02d246a8220d47086eb395ffc7e86 Sha256: 840f0c820fe4a936836485cf766875c59178bb812d0d0257a8d33e03110db03e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1827d75f-c672-481c-b375-38f3a4dca1a1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10806 Md5: 185ef56a78c1076fd412a9253a6778ff$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10806 x-amzn-requestid: c45c649d-fea4-4658-a9ea-bc9eca980bff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UUXJ0FeWoAMF1OA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b80571-730a5081162a24e47634a07b;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 07:06:25 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: _zBbeU2gbvydtxyp8wMOZPCqJN_cEuvVDslPpDPB17DH7IbGsyJ4rQ== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 16:47:56 GMT age: 57097 etag: "6c0e7eb6607d5237a9951aaf5943c2b40c783144" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10806 Md5: 185ef56a78c1076fd412a9253a6778ff Sha1: 6c0e7eb6607d5237a9951aaf5943c2b40c783144 Sha256: 589990fe4de2d7a61820b85ac1033b9ecf01e2f27f907d89312704cdd69bf94a