Overview

URLat-usersmaillbox.square.site/
IP 199.34.228.40 (United States)
ASN#27647 WEEBLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 09:29:22 UTC
StatusLoading report..
IDS alerts0
Blocklist alert7
urlquery alerts No alerts detected
Tags None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.entrust.net (1) 1208 2014-01-10 02:18:45 UTC 2020-04-24 21:44:37 UTC 104.110.10.32
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
at-usersmaillbox.square.site (3) 0 No data No data 199.34.228.39 Domain (square.site) ranked at: 22579
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.69.31
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (6) 344 No data No data 23.36.76.226

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-11-29 2 at-usersmaillbox.square.site/ AT&T Inc.
2022-11-29 2 at-usersmaillbox.square.site/ AT&T Inc.
2022-11-29 2 at-usersmaillbox.square.site/ AT&T Inc.

PhishTank
Scan Date Severity Indicator Comment
2022-11-29 2 at-usersmaillbox.square.site/ Other
2022-11-29 2 at-usersmaillbox.square.site/ Other

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 at-usersmaillbox.square.site/ Phishing
2022-11-30 2 at-usersmaillbox.square.site/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.40
Date UQ / IDS / BL URL IP
2023-02-01 09:05:21 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40
2023-02-01 02:35:22 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40
2023-01-31 16:01:30 +0000 0 - 0 - 12 loginscreeninc.square.site/ 199.34.228.40
2023-01-31 15:49:30 +0000 0 - 0 - 20 attnet-101605.square.site/ 199.34.228.40
2023-01-31 15:45:29 +0000 0 - 0 - 22 uzzcol.square.site/ 199.34.228.40


Last 5 reports on ASN: WEEBLY
Date UQ / IDS / BL URL IP
2023-02-01 09:31:40 +0000 0 - 0 - 26 att-validation-mail.weeblysite.com/ 199.34.228.96
2023-02-01 09:20:55 +0000 0 - 0 - 8 att-101668-109096.weeblysite.com/ 199.34.228.96
2023-02-01 09:20:24 +0000 0 - 0 - 13 exchange-scienceandtech-org.weebly.com/ 199.34.228.54
2023-02-01 09:19:35 +0000 0 - 0 - 11 bts365phs.weebly.com/ 199.34.228.53
2023-02-01 09:05:21 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40


Last 5 reports on domain: square.site
Date UQ / IDS / BL URL IP
2023-02-01 09:05:21 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40
2023-02-01 02:35:22 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40
2023-01-31 16:43:46 +0000 0 - 0 - 10 att-103193-101421.square.site/ 199.34.228.39
2023-01-31 16:01:30 +0000 0 - 0 - 12 loginscreeninc.square.site/ 199.34.228.40
2023-01-31 15:49:30 +0000 0 - 0 - 20 attnet-101605.square.site/ 199.34.228.40


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-01 06:38:25 +0000 0 - 0 - 2 aol-105961.weeblysite.com/ 199.34.228.97
2023-02-01 04:09:50 +0000 0 - 0 - 8 att-65431234.weeblysite.com/ 199.34.228.97
2023-02-01 03:39:47 +0000 0 - 0 - 8 att-108957-101153.weeblysite.com/ 199.34.228.96
2023-02-01 03:39:06 +0000 0 - 0 - 8 attnet-104624.weeblysite.com/ 199.34.228.97
2023-01-31 20:35:56 +0000 0 - 0 - 2 att-101047.weeblysite.com/ 199.34.228.97

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (23)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13369
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 09:29:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5236
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 09:29:11 GMT
Last-Modified: Wed, 30 Nov 2022 08:01:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10564
Expires: Wed, 30 Nov 2022 12:25:15 GMT
Date: Wed, 30 Nov 2022 09:29:11 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 09:19:41 GMT
cache-control: public,max-age=3600
age: 570
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ZhvjMXJ/+B6BbbPYGdEND99vtH2YU+YfTURjZYeuj3Ogb3LILg20n44XLiZL6KzHjFnZyrTCmXw=
x-amz-request-id: B95DPE6ZXT5D24VG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 08:45:10 GMT
age: 2641
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: at-usersmaillbox.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.34.228.39
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Wed, 30 Nov 2022 09:29:11 GMT
Location: https://at-usersmaillbox.square.site
Set-Cookie: publishedsite-xsrf=eyJpdiI6InhUNnZxdWVmRG13Z3JkQUhXbjZUMVE9PSIsInZhbHVlIjoiVlBXOElqeHNaNjVibHFtQURWa0J1OVwvdktvVmlhQTJWa2hRbHhjZTZQOUJWMDlLaGlTQ0tCSkdXRnkrU1lmcE5XVlZvcE5YeXVMdGx4aU1UQ3ZqZ0s4NU5YK0k4Slg5WE1nSUVYR3F6YXZBcGtjSjgyRDlKNWlDWlNNdUVGK3VlIiwibWFjIjoiZTM5NGMyMjI3ODVjYzAzMDExNmQ5NzBjYWY0ZWVkYTgzMjAyMTI4NmRiODJlNzQ2Y2RlYmUzODZlYjEzNjFmNCJ9; expires=Wed, 14-Dec-2022 09:29:11 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6Ikt5SmxhMXdVQXVvcHlORXNubzQyY1E9PSIsInZhbHVlIjoiQnBibHBVQ0FKOUVoMXl5QnBjXC8zZjlRNU1tSWVMSm5NWE5GRmxEc2l4ZXBGYVQycXhWTGlTc0tkSll2WHdJZ1I5N2hqQjZpT3JKOEJMZnliODMzbU1Kb25HSUhQOWt1QWRsWFVCb1lMa1dTcm14YnAzYmtNSG4zMXJSRlBCbklxIiwibWFjIjoiYWFlZTBkYTlkMmJjMzFmZDc3OWJjM2FjNmEyMDk4OTNjZTE5MDg0NzAxZmY2MzU0MjI2Yzk5NDQ4N2RiNzYyMiJ9; expires=Wed, 14-Dec-2022 09:29:11 GMT; Max-Age=1209600; path=/ PublishedSiteSession=eyJpdiI6IjlJT2xtNFVRS04wallxcEdtRlwveStnPT0iLCJ2YWx1ZSI6IlFQaG1LK2N1V2tMZmU1bUY3aGhwT0c5MGM3cjdzNXpHUXIyVTV0OEhqQUJaXC91dVpVcTJRXC8wQlNMaTJJWVwvZGlrcWhMQXoranEraXpWSzN4d1BlakhsbVdrN1FqakFvQ3VYbVk2QlpoQnUrRGZOZkVZNEJaTlpDXC9Ibkx4T1wvblAiLCJtYWMiOiI1YjhlYTFlNTYxZDI3ZTY1N2Q5ODhhMTljM2EzNzNhYmE3ZGNhZjYxMjM2YWY2NmMwYWYxYzNiOGI4MWUyMDNjIn0%3D; expires=Wed, 14-Dec-2022 09:29:11 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu67.sf2p.intern.weebly.net
X-Revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
X-Request-ID: 3974e8958c677968c2e7c54f233a7e01


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   390
Md5:    8d93acad4325b1a3be44fa8c502cec88
Sha1:   a2f899186efb2ce01bc2e5c46470df808ee3fe6b
Sha256: 3c54e84d1ac18854cbd6bb3b8c07a18a2d84890b7a5bae7a327b6dfb24b523a4

Alerts:
  Blocklists:
    - openphish: AT&T Inc.
    - phishtank: Other
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 09:29:11 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 09:08:56 GMT
cache-control: public,max-age=3600
age: 1216
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "FDAA459299C0A9D0221E38DACF976DB9936A9A97289618B1708E3340728E0947"
Last-Modified: Tue, 29 Nov 2022 22:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3131
Expires: Wed, 30 Nov 2022 10:21:23 GMT
Date: Wed, 30 Nov 2022 09:29:12 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1588
Md5:    edd8ea9a7b73867fbc05273c633536f2
Sha1:   048ebe5861429e56faf08da0dbfaf540aa582eef
Sha256: fdaa459299c0a9d0221e38dacf976db9936a9a97289618b1708e3340728e0947
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5233
Cache-Control: max-age=90289
Date: Wed, 30 Nov 2022 09:29:12 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:34:01 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: at-usersmaillbox.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.34.228.39
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 30 Nov 2022 09:29:12 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IjFaNlZ1T0MzRWZEVlhsMjlXeDRncUE9PSIsInZhbHVlIjoiUHcwQjJlOW1VZkFWNVJHRjZSXC82RXJNRXVqcEtLMnI2dFU2NW1iUklCVjVLQmowZ0NqVWNlNDFqUURzRmFVN3Y4bXE1bURBSUY1SWFHVmNRWjlEcGhxSU5LaWFyZVFhV0gwWUxrQWQ4RnlCSWU2OXRYRklZeWRTazVxS0dNUkFmIiwibWFjIjoiYmM0MGU2ZDNhNWFmYWNmN2MwNzAyZTM0ZmU1YjYwNzJlNDAzZWQzMWQ0YzFlOTUwYzM3NjVjOGMwMjM3OWIxNCJ9; expires=Wed, 14-Dec-2022 09:29:12 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6IlwvZ1ZtUWlkQjltKzV1RVZCNDFLYjl3PT0iLCJ2YWx1ZSI6ImxGVnBaalpTQXQrdEFQQm1ZelkxSFl1NzlNU2FyVW53NVowcjd2WUhDMGtRSGt4WWh4aVNSZGg3WFV3STNVN0h4a1JYYXRyamdQNW9VTWg5MENKcjlOcjh3ZDdSMnFEdzZ5OUo2NWVrWm1IM3NTMVRtck9KOVJESnd3TGFabWh6IiwibWFjIjoiNjg2YWI4NTkxYzM3ZTA1ZjM3ZjI0OTc2NGE5ODQyMjAyMTI2NmMwMGU4YTJlMmU4N2RkMTM5OGE1ZTVlMDEyYSJ9; expires=Wed, 14-Dec-2022 09:29:12 GMT; Max-Age=1209600; path=/ PublishedSiteSession=eyJpdiI6Ik9PXC94QVE2UnkzUFwvcW80OEZjanY2QT09IiwidmFsdWUiOiJsWWVDcWE3cHJwSUtYaFQ5RTBvK3FvcGNuXC9LMHE3XC9hMTAxcmF0cDhqQzZqcFdSWVNvc0FUK0J6dWZ6MUhTK0UrUWo0WENWUGZCZ0xjd2FNM1dsU0lNUHpxdzF2Nyt6eUE5SGRmdW5uK3A0ZVgwbmxWTStOeUVjMDRWaVFLWnM5IiwibWFjIjoiOWI3OTcxMzM4NWFmNjAzZmUxNDgxODIyZjUxZTE1ODMyYTc0NDgwZTRkYWExODhlYWNmNTYwODIyODI4NTNlMCJ9; expires=Wed, 14-Dec-2022 09:29:12 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu134.sf2p.intern.weebly.net
X-Revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
X-Request-ID: c98a47e26e86b3357f10f1eb697f4c05
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   620
Md5:    609283f0abd216f052c6b32877678dfb
Sha1:   990ea8c9bac587ffc680dfdcaf54706c0ee3288b
Sha256: 2c02a57d702cb0cf240374bb61b7724b408b998b9cd9825bc0e55f74f27cc10d

Alerts:
  Blocklists:
    - openphish: AT&T Inc.
    - phishtank: Other
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T+z0SWacN+Yd4uroB8f0rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.69.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NId6aQgmhW8Vg+3BQ1O9YYftC5g=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: at-usersmaillbox.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://at-usersmaillbox.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IjFaNlZ1T0MzRWZEVlhsMjlXeDRncUE9PSIsInZhbHVlIjoiUHcwQjJlOW1VZkFWNVJHRjZSXC82RXJNRXVqcEtLMnI2dFU2NW1iUklCVjVLQmowZ0NqVWNlNDFqUURzRmFVN3Y4bXE1bURBSUY1SWFHVmNRWjlEcGhxSU5LaWFyZVFhV0gwWUxrQWQ4RnlCSWU2OXRYRklZeWRTazVxS0dNUkFmIiwibWFjIjoiYmM0MGU2ZDNhNWFmYWNmN2MwNzAyZTM0ZmU1YjYwNzJlNDAzZWQzMWQ0YzFlOTUwYzM3NjVjOGMwMjM3OWIxNCJ9; XSRF-TOKEN=eyJpdiI6IlwvZ1ZtUWlkQjltKzV1RVZCNDFLYjl3PT0iLCJ2YWx1ZSI6ImxGVnBaalpTQXQrdEFQQm1ZelkxSFl1NzlNU2FyVW53NVowcjd2WUhDMGtRSGt4WWh4aVNSZGg3WFV3STNVN0h4a1JYYXRyamdQNW9VTWg5MENKcjlOcjh3ZDdSMnFEdzZ5OUo2NWVrWm1IM3NTMVRtck9KOVJESnd3TGFabWh6IiwibWFjIjoiNjg2YWI4NTkxYzM3ZTA1ZjM3ZjI0OTc2NGE5ODQyMjAyMTI2NmMwMGU4YTJlMmU4N2RkMTM5OGE1ZTVlMDEyYSJ9; PublishedSiteSession=eyJpdiI6Ik9PXC94QVE2UnkzUFwvcW80OEZjanY2QT09IiwidmFsdWUiOiJsWWVDcWE3cHJwSUtYaFQ5RTBvK3FvcGNuXC9LMHE3XC9hMTAxcmF0cDhqQzZqcFdSWVNvc0FUK0J6dWZ6MUhTK0UrUWo0WENWUGZCZ0xjd2FNM1dsU0lNUHpxdzF2Nyt6eUE5SGRmdW5uK3A0ZVgwbmxWTStOeUVjMDRWaVFLWnM5IiwibWFjIjoiOWI3OTcxMzM4NWFmNjAzZmUxNDgxODIyZjUxZTE1ODMyYTc0NDgwZTRkYWExODhlYWNmNTYwODIyODI4NTNlMCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.39
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx
Date: Wed, 30 Nov 2022 09:29:12 GMT
Content-Length: 1
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 20:17:36 GMT
x-rgw-object-type: Normal
ETag: "93b885adfe0da089cdf634904fd59f71"
x-amz-meta-s3cmd-attrs: atime:1586895392/ctime:1586718963/gid:0/gname:root/md5:93b885adfe0da089cdf634904fd59f71/mode:33188/mtime:1586718963/uid:0/uname:root
x-amz-request-id: tx000000000000001a88773-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu134.sf2p.intern.weebly.net
X-Revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
X-Request-ID: 5adb53e9ba9ee2c648d28a9a2ea9d75e


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - openphish: AT&T Inc.
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9946
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 09:29:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9946
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 09:29:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9946
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 09:29:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9946
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 09:29:13 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 41568
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 41982
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phw8DXQgjOyH5g4gvbqgZk-2sHr2n9cHVr4lqqPXfXtyhG32gs2pIg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 41788
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3719
Md5:    ceb8e975fb408de32c43f55febaa6414
Sha1:   453067f6ab356aa87a3ad3b56e33545376597852
Sha256: e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 39244
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 41782
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 40827
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d