Report - btconnect-1051043746btconnect.weebly.com/

Report Overview

URL

btconnect-1051043746btconnect.weebly.com/
IP

199.34.228.54

ASN

#27647 WEEBLY
Submitted

2023-01-08T07:59:53Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

21

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
btconnect-1051043746btconnect.weebly.com (14)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7192	143528	199.34.228.53
ssl.google-analytics.com (1)	275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390	17814	172.217.21.168
fonts.googleapis.com (1)	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460	746	216.58.207.202
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	44.236.232.139
fonts.gstatic.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	550	23116	142.250.74.35
www.gstatic.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	505	165687	142.250.74.35
ocsp.sca1b.amazontrust.com (2)	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700	1948	143.204.42.158
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5856	34.160.144.191
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239
ocsp.digicert.com (2)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682	1474	93.184.220.29
cdn2.editmysite.com (11)	11564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4780	275883	151.101.193.46
r3.o.lencr.org (7)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2366	6203	23.33.119.27
ocsp.pki.goog (7)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2401	4896	142.250.74.131
ec.editmysite.com (2)	12806	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1103	789	35.85.214.41
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	35.241.9.150
www.google.com (1)	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407	1166	216.58.207.228
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3245	59895	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc
2023-01-07	medium	btconnect-1051043746btconnect.weebly.com/	BT Group plc

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/files/theme/MutationObserver.js	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/files/main_style.css?1667894572	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/files/theme/jquery.pxuMenu.js?1667858160	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/files/theme/plugins.js?1667858160	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/files/theme/custom-1.js?1667858160	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/files/theme/images/arrow-light.svg?1667894572	Phishing
2023-01-08	medium	btconnect-1051043746btconnect.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

HTTP Transactions (61)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

e4bdd77c0369662aa71ce2d01fd3edab

0ab1c5857e200e7e7946424c2c844537bfbb9775

a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Sun, 08 Jan 2023 13:58:47 GMT
Date: Sun, 08 Jan 2023 07:59:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

b782882bdabaf3b08e64120922b4a4b7

2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9

3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8112
Expires: Sun, 08 Jan 2023 10:14:54 GMT
Date: Sun, 08 Jan 2023 07:59:42 GMT
Connection: keep-alive

btconnect-1051043746btconnect.weebly.com/

199.34.228.53

301 Moved Permanently

442

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

442
Hash

d4d36610f439df446402b58b6b1ef6a9

9c2171a7240a67212a0c3836138c43418f2cceed

5b395e45697268d9194dfa78cc9637848953e5700726d0e6c5289385229e7e00

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET / HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Date: Sun, 08 Jan 2023 07:59:42 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=btconnect-1051043746btconnect.weebly.com
Vary: X-W-SSL,User-Agent
Location: https://btconnect-1051043746btconnect.weebly.com/
X-Host: blu115.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 442
Keep-Alive: timeout=10, max=55
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.33.119.27

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.33.119.27:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

75f0037a1d53a9a5321a796206ec3e24

70d42c9bf1334f20e1cea4ce3c8212e0e780ee77

80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8809
Expires: Sun, 08 Jan 2023 10:26:31 GMT
Date: Sun, 08 Jan 2023 07:59:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

ff250d3ef3fa45322bf05039a0122a9f

b3e7a2c383bce1bab807dbe1a03c375258b51f1d

d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 07:41:28 GMT
content-type: application/json
age: 1094
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

b1fcd419a4245617397846e8d17233f6

2a037ce244587640b27ead9a0ec2af4f862d91b2

e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: 4lvkUwIWn+K6+0o6ZipnMncG+Cg4MkjUL2E7BWHVqYRZOfsGxfO4gMHgTjeXfGsmV+UPt4PVJ6xoPpuQ9++b7Q==
x-amz-request-id: 4Q3WYWNB11DG7A60
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 07:00:43 GMT
age: 3539
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:59:42 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

8599a4074c25a6359eb715e91a046f57

cb426e238d56da7728e62255bbff724ca46c07aa

1bb9776f8b64c0d3b6be8d81c1e3b0cefdeb7af27c0fcfb201bab70e361969de

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2386
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:59:42 GMT
Last-Modified: Sun, 08 Jan 2023 07:19:57 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 07:17:21 GMT
age: 2541
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

8589b6a84dd5a09ec546aff38bbd2515

1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7

f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3336
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:59:42 GMT
Last-Modified: Sun, 08 Jan 2023 07:04:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

btconnect-1051043746btconnect.weebly.com/

199.34.228.53

200 OK

7544

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2437), with CRLF, LF line terminators

Size

7544
Hash

7cdbfec5372418d223cd79d4cc6de295

f69b07d5148d82997cbcdb9d6a4dd3a2df70298b

98c46cfc52d832908d7588a1e84babe8458ea9f34d7ea1327995ce9c0d5a8d94

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET / HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:59:42 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=btconnect-1051043746btconnect.weebly.com
language=en; expires=Sun, 22-Jan-2023 07:59:42 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"566d1f07e6b356768ffd46de135933ad-gzip"
Content-Encoding: gzip
X-Host: grn63.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7544
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdn2.editmysite.com/css/sites.css?buildTime=1667842284

151.101.193.46

200 OK

29746

URL HTTP/2

cdn2.editmysite.com/css/sites.css?buildTime=1667842284
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

29746
Hash

d10158b22b553f723d99dc78eaee6390

80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6

939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e

HTTP Headers

                                        GET /css/sites.css?buildTime=1667842284 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:54:14 GMT
etag: W/"639ccce6-347ac"
expires: Mon, 02 Jan 2023 17:31:45 GMT
cache-control: max-age=1209600
x-host: blu75.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 484076
x-served-by: cache-sjc10081-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 46, 1
x-timer: S1673164783.145726,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1673052315

151.101.193.46

200 OK

1372

URL HTTP/2

cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1673052315
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (3600), with no line terminators

Size

1372
Hash

121a5b9688d8e70ee7bb06cc79491f76

3a28220baa7d8879270c8311bed7dddefa7e43e9

181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40

HTTP Headers

                                        GET /js/site/footerSignup.js?buildTime=1673052315 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Sat, 07 Jan 2023 00:20:51 GMT
etag: "63b8bae3-e10"
expires: Sat, 21 Jan 2023 00:48:21 GMT
cache-control: max-age=1209600
x-host: blu62.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 112281
x-served-by: cache-sjc10064-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 34, 327
x-timer: S1673164783.149828,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1667842284&

151.101.193.46

200 OK

32800

URL HTTP/2

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1667842284&
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (65024)

Size

32800
Hash

58a9c1c02a5743ff2107715d041d28b7

619d9394e8b3afce9f9cc066b924ddb5d3265265

98b8090e2292b69bb8ad0ef4082f55458b891130ee6b3d9c6fce5075eec64dbf

HTTP Headers

                                        GET /js/lang/en/stl.js?buildTime=1667842284& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:53:10 GMT
etag: "639ccca6-2c22a"
expires: Tue, 10 Jan 2023 09:13:32 GMT
cache-control: max-age=1209600
x-host: grn8.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 1032371
x-served-by: cache-sjc10047-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 57, 1
x-timer: S1673164783.149495,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32800
X-Firefox-Spdy: h2

cdn2.editmysite.com/fonts/Karla/font.css?2

151.101.193.46

200 OK

322

URL HTTP/2

cdn2.editmysite.com/fonts/Karla/font.css?2
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text

Size

322
Hash

d71cf3f7d1a0aeba7d9f9af0aec9eeef

0df230495adb47cd3d83ae78d6fd695f826b55e5

da2980fa5103aadeafa7f1d903e44567f97d612ce52e17e4f03074ae4c7bccb6

HTTP Headers

                                        GET /fonts/Karla/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:50:31 GMT
etag: "639ccc07-6ae"
expires: Tue, 03 Jan 2023 09:24:24 GMT
cache-control: max-age=1209600
x-host: grn71.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 426918
x-served-by: cache-sjc10062-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 309, 2
x-timer: S1673164783.157295,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 322
X-Firefox-Spdy: h2

cdn2.editmysite.com/fonts/Oswald/font.css?2

151.101.193.46

200 OK

300

URL HTTP/2

cdn2.editmysite.com/fonts/Oswald/font.css?2
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text

Size

300
Hash

b4e1fa8edbbb593aefc47d16b3254da7

f9b4e2c9b0df700a2a892be0c0853f92211a5656

ddb677f162840a44ef4cdf085c35379f76e5b88162205a32cdf584acd826b1c3

HTTP Headers

                                        GET /fonts/Oswald/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:50:32 GMT
etag: "639ccc08-4f0"
expires: Fri, 13 Jan 2023 10:28:23 GMT
cache-control: max-age=1209600
x-host: blu13.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 768680
x-served-by: cache-sjc10054-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 2225, 2
x-timer: S1673164783.160018,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 300
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/social-icons.css?buildtime=1667842284

151.101.193.46

200 OK

1638

URL HTTP/2

cdn2.editmysite.com/css/social-icons.css?buildtime=1667842284
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (13080)

Size

1638
Hash

03f309e96ce0dd83ba8f7754ff3cf854

778de49f4961a2b63912c3aebc2f45444df76b63

6f5dfae580d7ee9bb236fca05f0562f1e6a5fa5362c6607a0aab3e1c2d483192

HTTP Headers

                                        GET /css/social-icons.css?buildtime=1667842284 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:54:14 GMT
etag: W/"639ccce6-3319"
expires: Mon, 02 Jan 2023 13:36:01 GMT
cache-control: max-age=1209600
x-host: grn42.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 498219
x-served-by: cache-sjc10070-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 1
x-timer: S1673164783.159789,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1638
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main.js?buildTime=1667842284

151.101.193.46

200 OK

146400

URL HTTP/2

cdn2.editmysite.com/js/site/main.js?buildTime=1667842284
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (32147)

Size

146400
Hash

81b8673c5d3aa3ab8c0574f2a8f0e3b4

2e0661bc7907d9e2703b3347c3fec579f0aef5d6

0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40

HTTP Headers

                                        GET /js/site/main.js?buildTime=1667842284 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:54:38 GMT
etag: "639cccfe-74804"
expires: Tue, 03 Jan 2023 11:17:42 GMT
cache-control: max-age=1209600
x-host: blu61.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 420119
x-served-by: cache-sjc10020-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 45, 1
x-timer: S1673164783.149699,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2

cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png

151.101.193.46

200 OK

9677

URL HTTP/2

cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data

Size

9677
Hash

6e0f7ad31bf187e0d88fc5787573ba71

14e8b85cc32a01c8901e4ac0160582d29a45e9e6

580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

HTTP Headers

                                        GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
x-guploader-uploadid: ADPycdujQNpHaXULXK5hWOudOsrFbrCOJBmkXkf6lNHnzHxB1q3PphW4yFVZQbxms7rfGEwEu0IdDaAyLbpAPqDN6NvCrqCgiKDD
cache-control: public, max-age=86400, s-maxage=259200
expires: Thu, 06 Oct 2022 22:59:09 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
content-type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
via: 1.1 varnish
age: 32249
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 55
x-timer: S1673164783.154478,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/old/fancybox.css?1667842284

151.101.193.46

200 OK

1218

URL HTTP/2

cdn2.editmysite.com/css/old/fancybox.css?1667842284
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (3910)

Size

1218
Hash

b644e92258f4c7c0b4270047652d1e60

93734d52ee9e86a768159e514076051813c39cd9

29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907

HTTP Headers

                                        GET /css/old/fancybox.css?1667842284 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 16 Dec 2022 19:54:20 GMT
etag: "639cccec-f47"
expires: Mon, 02 Jan 2023 17:31:47 GMT
cache-control: max-age=1209600
x-host: blu42.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 484074
x-served-by: cache-sjc10066-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 38, 1
x-timer: S1673164783.157347,VS0,VE14
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/jquery-1.8.3.min.js

151.101.193.46

200 OK

33467

URL HTTP/2

cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (65483)

Size

33467
Hash

67a5a77f65f13559b3d723829f2e0108

5e861ec7c2993abffc3591d6132c47bc7cdc3e98

ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6

HTTP Headers

                                        GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 19:54:04 GMT
etag: "639cccdc-16dc4"
expires: Tue, 10 Jan 2023 23:08:14 GMT
cache-control: max-age=1209600
x-host: grn127.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 982290
x-served-by: cache-sjc10032-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 19, 1828
x-timer: S1673164783.162805,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2

btconnect-1051043746btconnect.weebly.com/files/theme/MutationObserver.js

199.34.228.53

200 OK

6842

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/theme/MutationObserver.js
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

ASCII text

Size

6842
Hash

a502a64ac17dab318a72b5c6f667e5d6

9b623c5cdc2c288649ff13504131ea2c382e700d

b0d53c00940847c4638accf26f204ef4569affa4a686ebcc5d3cc87d1697aa9d

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET /files/theme/MutationObserver.js HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 14:16:26 GMT
x-rgw-object-type: Normal
ETag: W/"e52201e96af18dd02c85eb627c843491"
x-amz-request-id: tx000000000000001b8b3ed-0062847bc3-b9fbc29-sfo1
X-Storage-Bucket: z3974
X-Storage-Object: 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a
X-Host: grn14.sf2p.intern.weebly.net
Content-Encoding: gzip

push.services.mozilla.com/

44.236.232.139

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

44.236.232.139:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /EDIQijwnobeS9RLV+cAww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J/5bwSPxlY+ISZKioox9zkF0FWs=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

63bccc1f66ce9e92e4b40dfb3d397e96

b256695f795919c1fa3d0de461cf4d44fb7573f3

739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:59:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

btconnect-1051043746btconnect.weebly.com/files/main_style.css?1667894572

199.34.228.53

200 OK

7199

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/main_style.css?1667894572
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

assembler source, ASCII text, with very long lines (815)

Size

7199
Hash

706bf8813cc7df12027294abe3368244

0c01acc154ab31b7566edef7e0a1a32429866e5f

1485425d908baaf254100756d10f0783c20782be6fe44590fe5b30be4d501ec7

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET /files/main_style.css?1667894572 HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn72.sf2p.intern.weebly.net
Content-Encoding: gzip

cdn2.editmysite.com/fonts/Karla/bold.woff2

151.101.193.46

200 OK

11384

URL HTTP/2

cdn2.editmysite.com/fonts/Karla/bold.woff2
IP

151.101.193.46:0
ASN

#54113 FASTLY

Magic

Web Open Font Format (Version 2), TrueType, length 11384, version 1.0\012- data

Size

11384
Hash

feb6c980c7d633c192a19b13047270b8

9ca9a681147d49ad3ba857e740d2a335e6f61812

8749b48067af37c72625416cc5da9fdde06df26bff1f471461dec1bbdaf43f78

HTTP Headers

                                        GET /fonts/Karla/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btconnect-1051043746btconnect.weebly.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Fri, 16 Dec 2022 19:50:31 GMT
etag: "639ccc07-2c78"
expires: Tue, 03 Jan 2023 07:51:59 GMT
cache-control: max-age=1209600
x-host: grn112.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:59:43 GMT
age: 432465
x-served-by: cache-sjc10056-SJC, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 48, 1
x-timer: S1673164784.594436,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11384
X-Firefox-Spdy: h2

btconnect-1051043746btconnect.weebly.com/uploads/1/4/3/7/143777581/down-aol-yahoo-and-all_orig.png

199.34.228.53

200 OK

4783

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/uploads/1/4/3/7/143777581/down-aol-yahoo-and-all_orig.png
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

PNG image data, 259 x 164, 8-bit/color RGBA, non-interlaced\012- data

Size

4783
Hash

7a57e8e9030bfe4551c75f58e87da61e

742d6916a573f06fb5df69a236db25fb647462b5

edd8b0668c9caae8e29d5680f045e4fbf7f4d6afa1adc4cf8366fa45c716ddcb

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc

HTTP Headers

                                        GET /uploads/1/4/3/7/143777581/down-aol-yahoo-and-all_orig.png HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: image/png
Content-Length: 4783
Connection: keep-alive
Last-Modified: Tue, 12 Oct 2021 23:49:28 GMT
x-rgw-object-type: Normal
ETag: "7a57e8e9030bfe4551c75f58e87da61e"
x-amz-request-id: tx000000000000026a60a89-006362aa8b-c67eadd-sfo1
X-Storage-Bucket: zedd8
X-Storage-Object: edd8b0668c9caae8e29d5680f045e4fbf7f4d6afa1adc4cf8366fa45c716ddcb
X-Host: grn82.sf2p.intern.weebly.net
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

294742535da40d02498d9e1c865d4014

99d45ec581ccba41915745f22da696aa9c5758ea

645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:59:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2

142.250.74.35

200 OK

22168

URL HTTP/2

fonts.gstatic.com/s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 22168, version 1.0\012- data

Size

22168
Hash

aecf4656f9d639613cf46bf25e28a08b

b51fb5207f34b7283474875e2493591784c09947

f39f934bc7f7b1b4dfa532f4b38dac960a3a7ad6bb9789a412f03bdcb4abd9f5

HTTP Headers

                                        GET /s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btconnect-1051043746btconnect.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 14:25:50 GMT
expires: Sun, 07 Jan 2024 14:25:50 GMT
cache-control: public, max-age=31536000
age: 63233
last-modified: Mon, 11 Jul 2022 18:56:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

294742535da40d02498d9e1c865d4014

99d45ec581ccba41915745f22da696aa9c5758ea

645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:59:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

btconnect-1051043746btconnect.weebly.com/files/theme/jquery.pxuMenu.js?1667858160

199.34.228.53

200 OK

3697

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/theme/jquery.pxuMenu.js?1667858160
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

HTML document, ASCII text

Size

3697
Hash

ac373d716afe4270df40f60417b0f418

aba148148c771bb66b0b4aeab6eac8eb40352745

f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET /files/theme/jquery.pxuMenu.js?1667858160 HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: application/javascript
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 13:50:18 GMT
x-rgw-object-type: Normal
ETag: "ac373d716afe4270df40f60417b0f418"
x-amz-request-id: tx000000000000001b8b3f3-0062847bc3-b9fbc29-sfo1
X-Storage-Bucket: zf755
X-Storage-Object: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
X-Host: grn14.sf2p.intern.weebly.net
Accept-Ranges: bytes

btconnect-1051043746btconnect.weebly.com/files/theme/plugins.js?1667858160

199.34.228.53

200 OK

15721

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/theme/plugins.js?1667858160
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

ASCII text

Size

15721
Hash

43e6b0bb6eb6524188831a282f7656d7

44e73fe367fc1fb8efee7eefac557b7d76ef0f44

9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET /files/theme/plugins.js?1667858160 HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b40535-0062847a75-b9fbc64-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu61.sf2p.intern.weebly.net
Content-Encoding: gzip

btconnect-1051043746btconnect.weebly.com/files/theme/jquery.trend.js?1667858160

199.34.228.53

200 OK

3775

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/theme/jquery.trend.js?1667858160
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

ASCII text

Size

3775
Hash

4beccebe0a060b2b2c43de5c2d4512ef

250a779dd017877b9f360b264cf072d9e87974ff

446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738

HTTP Headers

                                        GET /files/theme/jquery.trend.js?1667858160 HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: application/javascript
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001b11728-0062847b79-b9fbc20-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: blu84.sf2p.intern.weebly.net
Accept-Ranges: bytes

btconnect-1051043746btconnect.weebly.com/files/theme/jquery.revealer.js?1667858160

199.34.228.53

200 OK

2828

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/theme/jquery.revealer.js?1667858160
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

ASCII text

Size

2828
Hash

c22ab67199a33d876512504cda4ff55b

36e96eae4644b6028532974fe5186a072792cb37

c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311

HTTP Headers

                                        GET /files/theme/jquery.revealer.js?1667858160 HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: application/javascript
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx000000000000000dccc36-0061a71c42-a9f1ce7-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: blu68.sf2p.intern.weebly.net
Accept-Ranges: bytes

btconnect-1051043746btconnect.weebly.com/files/theme/custom-1.js?1667858160

199.34.228.53

200 OK

4097

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/theme/custom-1.js?1667858160
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

ASCII text

Size

4097
Hash

9f3b0abe72c25dcd381cb41900970422

559cf4346ff62e549e9b5d9856fb6d1d1139eb8b

297782594ab453c80e206ae349690e2580655f5b6700c32b2a9a8a167917ffb6

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET /files/theme/custom-1.js?1667858160 HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 26 Oct 2021 13:57:32 GMT
x-rgw-object-type: Normal
ETag: W/"214dde43cebf15418cdcc76f9677ee46"
x-amz-request-id: tx000000000000001863e14-0061a7a986-a9f3e81-sfo1
X-Storage-Bucket: zcfbf
X-Storage-Object: cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7
X-Host: grn77.sf2p.intern.weebly.net
Content-Encoding: gzip

btconnect-1051043746btconnect.weebly.com/files/theme/images/arrow-light.svg?1667894572

199.34.228.53

200 OK

886

URL HTTP/1.1

btconnect-1051043746btconnect.weebly.com/files/theme/images/arrow-light.svg?1667894572
IP

199.34.228.53:0
ASN

#27647 WEEBLY

Magic

SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

886
Hash

552eb2e04260fc0733e5633d15c6aeaa

0a9efcc3b0ebabb23a49a00061fd8200eded1613

705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

                                        GET /files/theme/images/arrow-light.svg?1667894572 HTTP/1.1
Host: btconnect-1051043746btconnect.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/files/main_style.css?1667894572
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:59:43 GMT
Content-Type: image/svg+xml; charset=us-ascii
Content-Length: 886
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 04:38:52 GMT
x-rgw-object-type: Normal
ETag: "552eb2e04260fc0733e5633d15c6aeaa"
x-amz-request-id: tx0000000000000020357da-006284ce25-b9fbc7f-sfo1
X-Storage-Bucket: z705f
X-Storage-Object: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Content-Disposition: attachment
X-Host: blu146.sf2p.intern.weebly.net
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

f3bf71643ae5219a72dda1da70667cf6

00e3e8da4828280fa90ad6f8550b32a1afe9eda7

a62b2beef5db6770d7caefcc77a94da89d1d64e3de538b47926c8b6dee469137

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:59:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?_=1673164771791

216.58.207.228

200 OK

552

URL HTTP/2

www.google.com/recaptcha/api.js?_=1673164771791
IP

216.58.207.228:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (850), with no line terminators

Size

552
Hash

760f8751978f13903fbb5b593bea05c7

3c463f9d47be6cafa5acd0c828a42054054debd3

ba7b03872b122ab1d52e67ee1d6ad77d7749c5504b0c733bd90392d16c509410

HTTP Headers

                                        GET /recaptcha/api.js?_=1673164771791 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://btconnect-1051043746btconnect.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
expires: Sun, 08 Jan 2023 07:59:44 GMT
date: Sun, 08 Jan 2023 07:59:44 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 552
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

910d902590c4dce2c5fde148d455a94c

05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc

3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

btconnect-1051043746btconnect.weebly.com/uploads/1/4/3/7/143777581/background-images/102736504.jpg

199.34.228.53

200 OK

74265

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (29)

#1 JS:Script (size: 62)

#2 JS:Script (size: 0)

#3 JS:Script (size: 1756)

#4 JS:Script (size: 67465)

#5 JS:Script (size: 3775)

#6 JS:Script (size: 75006)

#7 JS:Script (size: 46274)

#8 JS:Script (size: 180778)

#9 JS:Script (size: 263)

#10 JS:Script (size: 2828)

#11 JS:Script (size: 15719)

#12 JS:Script (size: 266)

#13 JS:Script (size: 22)

#14 JS:Script (size: 3600)

#15 JS:Script (size: 6086)

#16 JS:Script (size: 3697)

#17 JS:Script (size: 412950)

#18 JS:Script (size: 93636)

#19 JS:Script (size: 117)

#20 JS:Script (size: 24573)

#21 JS:Script (size: 76)

#22 JS:Script (size: 62)

#23 JS:Script (size: 188)

#24 JS:Script (size: 2256)

#25 JS:Script (size: 850)

#26 JS:Script (size: 35)

#27 JS:Script (size: 32)

#28 JS:Script (size: 664)

#29 JS:Script (size: 1157)

HTTP Transactions (61)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size