Report - britishtelecommunications45267.weebly.com/

Report Overview

Submitted URL
britishtelecommunications45267.weebly.com/
IP
199.34.228.53
ASN
#27647 WEEBLY
Submitted
2023-03-20 03:55:15
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	35.164.100.136
ec.editmysite.com	12806	2017-01-29T22:50:35Z	2023-03-25T08:46:31Z	1.1 kB	791 B	50.112.171.161
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	4.5 kB	9.6 kB	142.250.74.163
cdn2.editmysite.com	11564	2012-10-02T20:27:39Z	2023-03-26T05:10:54Z	3.1 kB	386 kB	151.101.65.46
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T06:22:54Z	463 B	1.6 kB	142.250.74.138
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-26T05:56:25Z	493 B	166 kB	142.250.74.67
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-26T05:09:32Z	368 B	1.9 kB	104.18.20.226
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	2.1 kB	94 kB	216.58.207.227
www.google.com	7	2015-05-10T13:11:19Z	2023-03-25T21:05:45Z	408 B	1.1 kB	216.58.211.4
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-26T05:22:59Z	700 B	2.0 kB	54.230.80.227
britishtelecommunications45267.weebly.com	unknown	2023-01-29T19:50:39Z	2023-03-02T18:22:40Z	7.7 kB	98 kB	199.34.228.53
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	55 kB	34.120.237.76
ssl.google-analytics.com	275	2012-10-02T06:58:30Z	2023-03-26T07:28:12Z	391 B	18 kB	142.250.74.168
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-26T06:17:09Z	417 B	984 B	142.250.74.42
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-26T05:18:47Z	341 B	760 B	192.229.221.95

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc
2023-03-19	medium	britishtelecommunications45267.weebly.com/	BT Group plc

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-20	medium	britishtelecommunications45267.weebly.com/	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/files/theme/MutationObserver.js	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/files/theme/jquery.revealer.js?1620305019	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/files/theme/plugins.js?1620305019	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/files/theme/jquery.trend.js?1620305019	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/files/theme/images/arrow-light.svg?1620307063	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/uploads/1/3/7/5/137517998/published/screenshot-2021-01-11-email-login-page.png?1620305545	Phishing
2023-03-20	medium	britishtelecommunications45267.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	britishtelecommunications45267.weebly.com/	35 B	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-23 17:56:26 Times Seen2928 Hash 13385ea3f3e6184de3bfa80f08fe938b 6f859a2fd4b7e15ed74990516d97a52e7b4eeb20 5e87d85ec57af5d97b6c0d4c6e766afd2b53d077102827d19625a37d8cd11c2d Loading...

	britishtelecommunications45267.weebly.com/	62 B	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-23 17:56:26 Times Seen2923 Hash 461bd236ddeca3b8b6e3cca8599ccb43 73c74d3281452e483c11f944d798738afc7f5b89 aebd4ac1ead5b4987d8b975cafa889ca1a6831175bc206ca9552863e390bc0f1 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1620154490&	181 kB	2023-03-14	2023-03-26
Pretty URL cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1620154490& IP 151.101.65.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 15:08:20 Last Seen2023-03-26 14:31:19 Times Seen44 Hash 3eb2d361a06e364f977422526473c31f 72c74c942409ed303502d29a52cde21bcf581e5b f52d98f8135437938aaabe14e7cdc29e53e75ca1d6b292905c09f5f89faab20f Loading...

	cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1679077400	3.6 kB	2023-03-07	2024-04-22
Pretty URL cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1679077400 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-22 19:53:09 Times Seen4318 Hash 40b81b2d52ba9d2e2c64c31ff6a24cd7 6b5689250661646ecbb841f2475f1556a113373c e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96 Loading...

	britishtelecommunications45267.weebly.com/	664 B	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-23 17:56:27 Times Seen2882 Hash fdd0b895b9cf69a9a4f4817533aa51f5 afc67ab62c3c91df626260407845fc41bf5d895e a50f8a487c23d76460681440220a85a28cdb09912ef451d59aa2b4f47c32aea0 Loading...

	cdn2.editmysite.com/js/wsnbn/snowday262.js	75 kB	2023-03-07	2024-04-23
Pretty URL cdn2.editmysite.com/js/wsnbn/snowday262.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-23 22:33:12 Times Seen28334 Hash 99bbe560926e583b8e99036251deb783 8d81b73ae06f664f9d9e53dd5829a799bf434491 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3 Loading...

	www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js	414 kB	2023-03-26	2023-05-26
Pretty URL www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js IP 142.250.74.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:49:14 Last Seen2023-05-26 08:52:16 Times Seen2778 Hash 3e73dbef941895dfc538a9d6a69ed927 dac57a54b2635c1d5e1e6ae44e95d12d0a547ad3 d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c Loading...

	britishtelecommunications45267.weebly.com/	32 B	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-23 17:56:26 Times Seen2937 Hash 1bca01edca83d94091a2bb38d7ef8183 d05117e4ab3b3461be3855e95813a5c607e3ca95 fcf1cbf5cfad6d605868f42d38a0a937f5e6eaa91b05dcfbbbc95e4c3e23e528 Loading...

	britishtelecommunications45267.weebly.com/files/theme/jquery.pxuMenu.js?1620305019	3.7 kB	2023-03-07	2024-04-20
Pretty URL britishtelecommunications45267.weebly.com/files/theme/jquery.pxuMenu.js?1620305019 IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:42 Last Seen2024-04-20 18:04:27 Times Seen1435 Hash ac373d716afe4270df40f60417b0f418 aba148148c771bb66b0b4aeab6eac8eb40352745 f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a Loading...

	britishtelecommunications45267.weebly.com/	2.3 kB	2023-03-13	2023-09-05
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:33:14 Last Seen2023-09-05 16:07:57 Times Seen7 Hash 6e329641b1894bd64b1ffe247d6bced0 47473214ab9caabada7dfda827b8224644bcc00e 798ac2d07cc6c6369f931509619dd12294a241ae19e831cf0d2a4325238b1431 Loading...

	britishtelecommunications45267.weebly.com/	62 B	2023-03-07	2024-04-22
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-22 19:53:09 Times Seen2687 Hash 1afa8234115c6f382672d91917a6fb26 e96957cb655865327588927ebc34d1ae376e9e64 45988af53e17c3bc8103bbe22bd47dd6d2d03d4a90c4116dc0621ab24ff87258 Loading...

	britishtelecommunications45267.weebly.com/	1.2 kB	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-23 17:56:27 Times Seen2888 Hash 24449345e209b8641a813eaef44a5244 21617897e4d35717e2e41b766501fbd883a8f16d 3e72636c6cf854c8657ccbf9e03f7af05bd4836066c329417a4f8251bb5d18c1 Loading...

	britishtelecommunications45267.weebly.com/	77 B	2023-03-13	2023-09-05
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:33:14 Last Seen2023-09-05 16:07:57 Times Seen7 Hash 929a92dacdafc124759cbf9d7fc97182 4ef670766d3b5fe6a368f85aad22d61223f0fe31 c325d198f0d090916a42d48c340c4f066ec78e418bcc7570bc1616a6b2451215 Loading...

	britishtelecommunications45267.weebly.com/	22 B	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-23 17:56:26 Times Seen2262 Hash 9a33cbad7c996ea8903a3eb3332a125c 8efed109b301f8aa0f3768dcd824d669d0129741 5d3b8f4578ca89904a46d014a8433346ca2773e8691f6cc9d09b2b30f0802dbc Loading...

	britishtelecommunications45267.weebly.com/files/theme/plugins.js?1620305019	68 kB	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/files/theme/plugins.js?1620305019 IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:30 Last Seen2024-04-23 17:56:27 Times Seen2636 Hash 2b8d85f1ea01d2c3e8b962eac8d76a5c 936987a7e08daa4a916c77d86937edee42d657da b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5 Loading...

	www.google.com/recaptcha/api.js?_=1679284506553	850 B	2023-03-26	2023-03-29
Pretty URL www.google.com/recaptcha/api.js?_=1679284506553 IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:49:14 Last Seen2023-03-29 21:37:14 Times Seen679 Hash dc06c3119dddfbf05587300ac8ed33b1 4b1f693198d49ff46bc137de1dde821a6d0e2c96 8d8172236c099b083eb385a86781096526ef00b93215bd3a8a223725978cd04e Loading...

	britishtelecommunications45267.weebly.com/	266 B	2023-03-13	2023-03-26
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:33:14 Last Seen2023-03-26 11:12:30 Times Seen2 Hash fc0e729391010787dd75aacb6cc368f5 9c46ef01ac3ac86827d0780779d60a7f480e667c d673f1b78784f8c12205b05a674571a932ad829907e5a3a7c9815ad51172b501 Loading...

	britishtelecommunications45267.weebly.com/	6.1 kB	2023-03-13	2023-09-05
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:33:14 Last Seen2023-09-05 16:07:57 Times Seen7 Hash 9e8b638343d7b55e6600e326903ea83d de375b33930c8f905e73c24c66135370171831f0 d315673d4b80477b18721e4131b6e700fc421c427d458a9d835360f7364b7393 Loading...

	britishtelecommunications45267.weebly.com/files/theme/MutationObserver.js	25 kB	2023-03-07	2024-04-20
Pretty URL britishtelecommunications45267.weebly.com/files/theme/MutationObserver.js IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:42 Last Seen2024-04-20 18:04:27 Times Seen1570 Hash e52201e96af18dd02c85eb627c843491 5bcdd1480b9bebcddb0d82083bdf03a7435d59a1 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a Loading...

	britishtelecommunications45267.weebly.com/	117 B	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-23 17:56:26 Times Seen2914 Hash ef142665f07ac27f698aa34d471c4439 b9e0d81f97054a9a0a68f57096d992ba58f33184 fbfd3b11452dce82b76e405100aece37dcfe12df4c71fb8f2bc2fe2166e9f07f Loading...

	britishtelecommunications45267.weebly.com/	1.8 kB	2023-03-07	2024-04-23
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-23 17:56:26 Times Seen2911 Hash 563cec0ace2baea4e867b491f66cd6b0 fc4451f8fa76c5d1e3714e9008510633cffaa4f7 e4538493fc4f43f93806d0239acac9b38b0453c8440dc5ba4fcb47eae6ab2556 Loading...

	britishtelecommunications45267.weebly.com/	263 B	2023-03-26	2023-03-26
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:19:39 Last Seen2023-03-26 12:02:58 Times Seen21 Hash 7d6d5443ba9267d97b2760eae3eedd31 1ac3014a94e49d1d2993aa6d7f2fff8121586a83 9361bb142bd4c75463dc0238c9469805f5969b86bb081def90b74fe55bbf6147 Loading...

	britishtelecommunications45267.weebly.com/files/theme/jquery.trend.js?1620305019	3.8 kB	2023-03-07	2024-04-20
Pretty URL britishtelecommunications45267.weebly.com/files/theme/jquery.trend.js?1620305019 IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:59 Last Seen2024-04-20 18:50:29 Times Seen1614 Hash 4beccebe0a060b2b2c43de5c2d4512ef 250a779dd017877b9f360b264cf072d9e87974ff 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738 Loading...

	britishtelecommunications45267.weebly.com/files/theme/custom-1.js?1620305019	16 kB	2023-03-07	2024-04-20
Pretty URL britishtelecommunications45267.weebly.com/files/theme/custom-1.js?1620305019 IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:30 Last Seen2024-04-20 18:04:27 Times Seen1326 Hash 214dde43cebf15418cdcc76f9677ee46 6e93acebfa271d3fce9626034d03f942d3b628a8 cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 00:22:10 Times Seen37027495 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	britishtelecommunications45267.weebly.com/files/theme/jquery.revealer.js?1620305019	2.8 kB	2023-03-07	2024-04-20
Pretty URL britishtelecommunications45267.weebly.com/files/theme/jquery.revealer.js?1620305019 IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:58 Last Seen2024-04-20 18:50:29 Times Seen1614 Hash c22ab67199a33d876512504cda4ff55b 36e96eae4644b6028532974fe5186a072792cb37 c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311 Loading...

	britishtelecommunications45267.weebly.com/	193 B	2023-03-07	2024-04-17
Pretty URL britishtelecommunications45267.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:35 Last Seen2024-04-17 06:45:18 Times Seen17 Hash dd9e781a0e49f035fb90a7ee61b0c38b d4a2c693b48e3db26ae59479c23646ca7efede30 3d608ae0453536424bb4a96a5f649a71d3ad94a24133f9122129c9fa191b283b Loading...

HTTP Transactions (67)

URL IP Response Size

britishtelecommunications45267.weebly.com/

199.34.228.53

301 Moved Permanently

446 B

URL HTTP/1.1
britishtelecommunications45267.weebly.com/
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
446 B (446 bytes)
Hash
49522f89e237e0dd295d39698b1673ea
2f9af2ef81371ac643e9816a25aa8ef6fafe1e25
a854f80a95b44a53021ffa4bc06a8d101ed840c234d6b0f0c3e0631e5d373347

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Mar 2023 03:55:04 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=britishtelecommunications45267.weebly.com
Vary: X-W-SSL,User-Agent
Location: https://britishtelecommunications45267.weebly.com/
X-Host: blu50.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 446
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9861
Expires: Mon, 20 Mar 2023 06:39:25 GMT
Date: Mon, 20 Mar 2023 03:55:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16453
Expires: Mon, 20 Mar 2023 08:29:17 GMT
Date: Mon, 20 Mar 2023 03:55:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 03:27:10 GMT
content-type: application/json
age: 1675
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12547
Expires: Mon, 20 Mar 2023 07:24:12 GMT
Date: Mon, 20 Mar 2023 03:55:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: LR9lTtJKlv5hz6m+CCSA4gji0V2eQlNZuEQ9kzrh2whFhVJXMcK5z+QcAifwJi9NhpOlvvAYt4A=
x-amz-request-id: EZEWGA00KSJNEC1S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 03:52:37 GMT
age: 148
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 03:55:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3643254234b0d9f16333cdf3b78face
7b40279993f933e5f4c32be28288c842e7c741bf
7be8ae0ce504374fa5109e5602bbd53a18840c2eec5d1a8b9fb42682ae7a0ab2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 597
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:05 GMT
Etag: "641680a1-1d7"
Last-Modified: Mon, 20 Mar 2023 03:45:08 GMT
Server: ECAcc (amb/6B0A)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 03:14:32 GMT
age: 2433
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12542
Expires: Mon, 20 Mar 2023 07:24:07 GMT
Date: Mon, 20 Mar 2023 03:55:05 GMT
Connection: keep-alive

britishtelecommunications45267.weebly.com/

199.34.228.53

200 OK

7.7 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2439), with CRLF, LF line terminators
Size
7.7 kB (7695 bytes)
Hash
6aca24c78c7998a6bfdb1540b48885c3
9d64ae29e5e0b51b7eccd6231b2a7ef62cfb708c
397a90ed9a2e39a8c871ec043fdd4ff7c06479595e3926e418f6acb66e814dc4

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 03:55:05 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=britishtelecommunications45267.weebly.com
language=en; expires=Mon, 03-Apr-2023 03:55:05 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"46b312068c96d025a00b38db4cca300f-gzip"
Content-Encoding: gzip
X-Host: grn106.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7695
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png

151.101.65.46

200 OK

9.7 kB

URL HTTP/2
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP
151.101.65.46:0
ASN
#54113 FASTLY

File type
PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9677 bytes)
Hash
6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

HTTP Headers

GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdu4hZDlDVT5VQqfrfLQ-eVMM_KlAjuFaJereZl_VqnMXxRJa5G9sQU1SKLabnH2GNa-4JETx6R48Ew-AfGOg3hsYQ
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 10 Mar 2023 01:59:19 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
content-type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Mon, 20 Mar 2023 03:55:05 GMT
via: 1.1 varnish
age: 93255
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 316
x-timer: S1679284506.937888,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn2.editmysite.com/css/old/fancybox.css?1620154490

151.101.65.46

200 OK

1.2 kB

URL HTTP/2
cdn2.editmysite.com/css/old/fancybox.css?1620154490
IP
151.101.65.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3910)
Size
1.2 kB (1218 bytes)
Hash
b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907

HTTP Headers

GET /css/old/fancybox.css?1620154490 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 06 Mar 2023 19:31:00 GMT
etag: "64063f74-f47"
expires: Tue, 21 Mar 2023 12:16:43 GMT
cache-control: max-age=1209600
x-host: blu148.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 20 Mar 2023 03:55:05 GMT
age: 1093103
x-served-by: cache-sjc10060-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 487, 1
x-timer: S1679284506.943406,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/sites.css?buildTime=1620154490

151.101.65.46

200 OK

30 kB

URL HTTP/2
cdn2.editmysite.com/css/sites.css?buildTime=1620154490
IP
151.101.65.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29746 bytes)
Hash
d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e

HTTP Headers

GET /css/sites.css?buildTime=1620154490 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 06 Mar 2023 19:30:56 GMT
etag: W/"64063f70-347ac"
expires: Tue, 21 Mar 2023 09:43:40 GMT
cache-control: max-age=1209600
x-host: grn75.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 20 Mar 2023 03:55:05 GMT
age: 1102285
x-served-by: cache-sjc10035-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 33, 1
x-timer: S1679284506.937248,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1620154490

151.101.65.46

200 OK

159 kB

URL HTTP/2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1620154490
IP
151.101.65.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32007)
Size
159 kB (159030 bytes)
Hash
40bd6b3520e6770db22d841b9009be3f
5d863c1e1b29700dc2f3546228e0e195ec235587
4157f51e5e61cce428bcbcbea0ec28c41bdc836531ca17333855b7c2a24919a8

HTTP Headers

GET /js/site/main-customer-accounts-site.js?buildTime=1620154490 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 19:31:24 GMT
etag: "64063f8c-825b0"
expires: Tue, 21 Mar 2023 13:37:46 GMT
cache-control: max-age=1209600
x-host: grn62.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 20 Mar 2023 03:55:05 GMT
age: 1088239
x-served-by: cache-sjc10036-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 1
x-timer: S1679284506.937477,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 159030
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.164.100.136

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.100.136:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TUKL+G6EZOFk/g5BH6SKqg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qveHI1F21virxsKoZyntGi0u2Qs=

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1620154490&

151.101.65.46

200 OK

33 kB

URL HTTP/2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1620154490&
IP
151.101.65.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65024)
Size
33 kB (32876 bytes)
Hash
9df320c449a155de8e2854d820888021
deccaa79af0b3f2cd446597c39f385c084326c8a
dc9aef4c943e2eee19742a9369fe18b47a9f6ef0f56a111ca826351a6a09fddb

HTTP Headers

GET /js/lang/en/stl.js?buildTime=1620154490& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 19:29:38 GMT
etag: "64063f22-2c38c"
expires: Tue, 21 Mar 2023 10:06:12 GMT
cache-control: max-age=1209600
x-host: blu70.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 20 Mar 2023 03:55:05 GMT
age: 1100934
x-served-by: cache-sjc10083-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 15, 1
x-timer: S1679284506.949740,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32876
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

britishtelecommunications45267.weebly.com/files/theme/MutationObserver.js

199.34.228.53

200 OK

6.8 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/theme/MutationObserver.js
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
ASCII text
Size
6.8 kB (6842 bytes)
Hash
a502a64ac17dab318a72b5c6f667e5d6
9b623c5cdc2c288649ff13504131ea2c382e700d
b0d53c00940847c4638accf26f204ef4569affa4a686ebcc5d3cc87d1697aa9d

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET /files/theme/MutationObserver.js HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 14:16:26 GMT
x-rgw-object-type: Normal
ETag: W/"e52201e96af18dd02c85eb627c843491"
x-amz-request-id: tx000000000000001e24b3b-006284b0eb-b9fbc77-sfo1
X-Storage-Bucket: z3974
X-Storage-Object: 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a
X-Host: blu149.sf2p.intern.weebly.net
Content-Encoding: gzip

cdn2.editmysite.com/css/social-icons.css?buildtime=1620154490

151.101.65.46

200 OK

1.6 kB

URL HTTP/2
cdn2.editmysite.com/css/social-icons.css?buildtime=1620154490
IP
151.101.65.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (13080)
Size
1.6 kB (1640 bytes)
Hash
0d5dc1fb6962d6e90469d86a22d556f7
56257e3555575865bf4d5c8995184e5195c1e39a
52f55725b5bf98b9e009fe6d3804281844663e074c0a7d36d5d39f44217be75d

HTTP Headers

GET /css/social-icons.css?buildtime=1620154490 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 13 Mar 2023 19:49:41 GMT
etag: W/"640f7e55-3319"
expires: Tue, 28 Mar 2023 13:28:23 GMT
cache-control: max-age=1209600
x-host: blu42.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 20 Mar 2023 03:55:05 GMT
age: 484002
x-served-by: cache-sjc10025-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 28, 1
x-timer: S1679284506.953932,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main.js?buildTime=1620154490

151.101.65.46

200 OK

146 kB

URL HTTP/2
cdn2.editmysite.com/js/site/main.js?buildTime=1620154490
IP
151.101.65.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32147)
Size
146 kB (146400 bytes)
Hash
81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40

HTTP Headers

GET /js/site/main.js?buildTime=1620154490 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 13 Mar 2023 19:50:04 GMT
etag: "640f7e6c-74804"
expires: Tue, 28 Mar 2023 08:02:52 GMT
cache-control: max-age=1209600
x-host: grn121.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 20 Mar 2023 03:55:05 GMT
age: 503533
x-served-by: cache-sjc10049-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 25, 1
x-timer: S1679284506.940372,VS0,VE17
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
0e9a55c5385a2270fb372e9f23549631
2ad6a5320dc89ea80e727b0dba78c12fc1632ac9
db6aa9a1e850d7e2d8d10dce76edb30ee96043fc66c4192c1afc99f4b8da4f6c

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "719A83203EF216F23F851CD782BA91C06C89A4AC"
Expires: Mon, 20 Mar 2023 15:00:00 GMT
Last-Modified: Mon, 20 Mar 2023 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aab0482d86a0afe-OSL

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

britishtelecommunications45267.weebly.com/files/main_style.css?1620307063

199.34.228.53

200 OK

7.2 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/main_style.css?1620307063
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
assembler source, ASCII text, with very long lines (815)
Size
7.2 kB (7199 bytes)
Hash
6aaf9eb84c7515a46cd3bddd456690d4
38d1253817f29351586ce57ac9c235e389cc1acf
ab31ff41ca02bb35bda4d19fe7081552cee4027a90135613aacf0a9daed4a75f

HTTP Headers

GET /files/main_style.css?1620307063 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn28.sf2p.intern.weebly.net
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.138

200 OK

940 B

URL HTTP/2
fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
data
Size
940 B (940 bytes)
Hash
bcfb7f791c9448fcd10937b846046b7b
1af5e5c08aa583e1461de53ea470a440118690ff
a6ba7a9528ee77e7c5fc138a8c41bb8afeafe30f1a2f1a1d59e4e6b22805f122

HTTP Headers

GET /css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Mar 2023 03:55:06 GMT
date: Mon, 20 Mar 2023 03:55:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Size
21 kB (21248 bytes)
Hash
481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4

HTTP Headers

GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:41:38 GMT
expires: Fri, 15 Mar 2024 17:41:38 GMT
cache-control: public, max-age=31536000
age: 296008
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

britishtelecommunications45267.weebly.com/uploads/1/3/7/5/137517998/badru-bt.png

199.34.228.53

200 OK

3.8 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/uploads/1/3/7/5/137517998/badru-bt.png
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
3.8 kB (3808 bytes)
Hash
df491817199c2696610581066b686999
6293e55b94bb325e4ac4f365016343396852cf49
cb53687b51450bde654ff04428fd3563b85e4fe0cf74ab0b67bb4679670ea01b

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc

HTTP Headers

GET /uploads/1/3/7/5/137517998/badru-bt.png HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: image/png
Content-Length: 3808
Connection: keep-alive
Last-Modified: Thu, 03 Sep 2020 08:37:43 GMT
x-rgw-object-type: Normal
ETag: "df491817199c2696610581066b686999"
x-amz-request-id: tx00000000000007f5ef4c1-0063fe62af-c67eadd-sfo1
X-Storage-Bucket: zcb53
X-Storage-Object: cb53687b51450bde654ff04428fd3563b85e4fe0cf74ab0b67bb4679670ea01b
X-Host: grn136.sf2p.intern.weebly.net
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

1.0 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.0 kB (1015 bytes)
Hash
4b01f6b79bc6fcec6dcf8ef983ef9bdc
e68a4a153244ba803a21168fb4f69dd0e300f5d5
0d5ea07783838475ca75e58fe46b8454ac8fac4e2a9f6cae765b45fff76331ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

216.58.207.227

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Size
25 kB (25372 bytes)
Hash
fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

HTTP Headers

GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 13:03:53 GMT
expires: Thu, 14 Mar 2024 13:03:53 GMT
cache-control: public, max-age=31536000
age: 399073
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/karla/v23/qkB_XvYC6trAT7RQNNK2EG7SIwPWMNlCVytER0IPh7KX59Z0CnSKbGkv.woff2

216.58.207.227

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/karla/v23/qkB_XvYC6trAT7RQNNK2EG7SIwPWMNlCVytER0IPh7KX59Z0CnSKbGkv.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21712, version 1.0\012- data
Size
22 kB (21712 bytes)
Hash
76e3377255ab63429783bbcaebbce708
c626af02b36481299a90249ead5f484f107991f3
2b5074b9993e266faff0c7be6f5c65cc79b6f5d55b62d130788861ab3a88c86c

HTTP Headers

GET /s/karla/v23/qkB_XvYC6trAT7RQNNK2EG7SIwPWMNlCVytER0IPh7KX59Z0CnSKbGkv.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 12:54:27 GMT
expires: Thu, 14 Mar 2024 12:54:27 GMT
cache-control: public, max-age=31536000
age: 399639
last-modified: Mon, 11 Jul 2022 20:34:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2

216.58.207.227

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22168, version 1.0\012- data
Size
22 kB (22168 bytes)
Hash
aecf4656f9d639613cf46bf25e28a08b
b51fb5207f34b7283474875e2493591784c09947
f39f934bc7f7b1b4dfa532f4b38dac960a3a7ad6bb9789a412f03bdcb4abd9f5

HTTP Headers

GET /s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 18 Mar 2023 20:17:38 GMT
expires: Sun, 17 Mar 2024 20:17:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:28 GMT
content-type: font/woff2
age: 113848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

britishtelecommunications45267.weebly.com/files/theme/jquery.revealer.js?1620305019

199.34.228.53

200 OK

2.8 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/theme/jquery.revealer.js?1620305019
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
ASCII text
Size
2.8 kB (2828 bytes)
Hash
c22ab67199a33d876512504cda4ff55b
36e96eae4644b6028532974fe5186a072792cb37
c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET /files/theme/jquery.revealer.js?1620305019 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: application/javascript
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx000000000000001b8091d-0062847b2f-b9fbc29-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: blu154.sf2p.intern.weebly.net
Accept-Ranges: bytes

britishtelecommunications45267.weebly.com/files/theme/plugins.js?1620305019

199.34.228.53

200 OK

16 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/theme/plugins.js?1620305019
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
ASCII text
Size
16 kB (15721 bytes)
Hash
43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET /files/theme/plugins.js?1620305019 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001ac621f-00628479bc-b9fbc77-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu31.sf2p.intern.weebly.net
Content-Encoding: gzip

britishtelecommunications45267.weebly.com/files/theme/jquery.pxuMenu.js?1620305019

199.34.228.53

200 OK

3.7 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/theme/jquery.pxuMenu.js?1620305019
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
HTML document, ASCII text
Size
3.7 kB (3697 bytes)
Hash
ac373d716afe4270df40f60417b0f418
aba148148c771bb66b0b4aeab6eac8eb40352745
f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a

HTTP Headers

GET /files/theme/jquery.pxuMenu.js?1620305019 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: application/javascript
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 13:50:18 GMT
x-rgw-object-type: Normal
ETag: "ac373d716afe4270df40f60417b0f418"
x-amz-request-id: tx000000000000001e53eb5-006284b0eb-b9fbc20-sfo1
X-Storage-Bucket: zf755
X-Storage-Object: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
X-Host: grn135.sf2p.intern.weebly.net
Accept-Ranges: bytes

britishtelecommunications45267.weebly.com/files/theme/jquery.trend.js?1620305019

199.34.228.53

200 OK

3.8 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/theme/jquery.trend.js?1620305019
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
ASCII text
Size
3.8 kB (3775 bytes)
Hash
4beccebe0a060b2b2c43de5c2d4512ef
250a779dd017877b9f360b264cf072d9e87974ff
446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET /files/theme/jquery.trend.js?1620305019 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: application/javascript
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001b11728-0062847b79-b9fbc20-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: grn28.sf2p.intern.weebly.net
Accept-Ranges: bytes

britishtelecommunications45267.weebly.com/files/theme/custom-1.js?1620305019

199.34.228.53

200 OK

4.1 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/theme/custom-1.js?1620305019
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
ASCII text
Size
4.1 kB (4097 bytes)
Hash
9f3b0abe72c25dcd381cb41900970422
559cf4346ff62e549e9b5d9856fb6d1d1139eb8b
297782594ab453c80e206ae349690e2580655f5b6700c32b2a9a8a167917ffb6

HTTP Headers

GET /files/theme/custom-1.js?1620305019 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 26 Oct 2021 13:57:32 GMT
x-rgw-object-type: Normal
ETag: W/"214dde43cebf15418cdcc76f9677ee46"
x-amz-request-id: tx000000000000001ee52ca-0061a7fb98-a9f41e7-sfo1
X-Storage-Bucket: zcfbf
X-Storage-Object: cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7
X-Host: blu78.sf2p.intern.weebly.net
Content-Encoding: gzip

britishtelecommunications45267.weebly.com/uploads/1/3/7/5/137517998/background-images/1273713537.jpg

199.34.228.53

200 OK

28 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/uploads/1/3/7/5/137517998/background-images/1273713537.jpg
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size
28 kB (27533 bytes)
Hash
802c8da623133884ac00c8019349c38f
ccfd7f135d20d0716268f19bd613f37d9f4ae849
c78fb9d62f33cc4fe3c48f35d0626208a1d21e5649e3eed7cfbf4c93cff9ea91

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc

HTTP Headers

GET /uploads/1/3/7/5/137517998/background-images/1273713537.jpg HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: image/jpeg
Content-Length: 27533
Connection: keep-alive
Last-Modified: Tue, 23 Jun 2020 09:05:28 GMT
x-rgw-object-type: Normal
ETag: "802c8da623133884ac00c8019349c38f"
x-amz-request-id: tx000000000000000e8d8be-0064179822-d84b689-sfo1
X-Storage-Bucket: zc78f
X-Storage-Object: c78fb9d62f33cc4fe3c48f35d0626208a1d21e5649e3eed7cfbf4c93cff9ea91
X-Host: blu38.sf2p.intern.weebly.net
Accept-Ranges: bytes

britishtelecommunications45267.weebly.com/files/theme/images/arrow-light.svg?1620307063

199.34.228.53

200 OK

886 B

URL HTTP/1.1
britishtelecommunications45267.weebly.com/files/theme/images/arrow-light.svg?1620307063
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
886 B (886 bytes)
Hash
552eb2e04260fc0733e5633d15c6aeaa
0a9efcc3b0ebabb23a49a00061fd8200eded1613
705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET /files/theme/images/arrow-light.svg?1620307063 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/files/main_style.css?1620307063
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: image/svg+xml; charset=us-ascii
Content-Length: 886
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 04:38:52 GMT
x-rgw-object-type: Normal
ETag: "552eb2e04260fc0733e5633d15c6aeaa"
x-amz-request-id: tx000000000000001e47cbc-006284b01e-b9fbc20-sfo1
X-Storage-Bucket: z705f
X-Storage-Object: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Content-Disposition: attachment
X-Host: blu135.sf2p.intern.weebly.net
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e8fc65c8ed6ea66df6d6f044d7636fe2
da5b32e7c3fb8dddbd1466e4733cab6e35a66f8c
733e51b02cac5aca153e462118e12f623b0be034bb5488eb021c09a4b41744dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

britishtelecommunications45267.weebly.com/uploads/1/3/7/5/137517998/published/screenshot-2021-01-11-email-login-page.png?1620305545

199.34.228.53

200 OK

1.8 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/uploads/1/3/7/5/137517998/published/screenshot-2021-01-11-email-login-page.png?1620305545
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
PNG image data, 231 x 53, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1846 bytes)
Hash
85d6be83167d952de221457b66b9892d
581a9d09594be5efc49f30cfda86ecf1b66980a5
183c7f027f5cec11cf4a140a4db7f12349e2c8385f4a7c1ca6714804962969e4

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

GET /uploads/1/3/7/5/137517998/published/screenshot-2021-01-11-email-login-page.png?1620305545 HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: image/png
Content-Length: 1846
Connection: keep-alive
Last-Modified: Mon, 11 Jan 2021 20:09:13 GMT
x-rgw-object-type: Normal
ETag: "85d6be83167d952de221457b66b9892d"
x-amz-request-id: tx00000000000007f3f3bf9-0063fea9c7-c6aed46-sfo1
X-Storage-Bucket: z183c
X-Storage-Object: 183c7f027f5cec11cf4a140a4db7f12349e2c8385f4a7c1ca6714804962969e4
X-Host: blu78.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.google.com/recaptcha/api.js?_=1679284506553

216.58.211.4

200 OK

554 B

URL HTTP/2
www.google.com/recaptcha/api.js?_=1679284506553
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
554 B (554 bytes)
Hash
7a61332e081c1df94aee6da79ccab5cf
9a1b52aef388542cfa62d685399669420b8998ee
3edecdbe2c8dbe6ff85c45d382f9f608ed30a6618fa62b18282e03d866dc6dd7

HTTP Headers

GET /recaptcha/api.js?_=1679284506553 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 20 Mar 2023 03:55:06 GMT
date: Mon, 20 Mar 2023 03:55:06 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d2b91b87a3060a36d0002f6338924521
b216a0ae0e118f942207ae6c51a5309393fe79f4
835446923abce8bde27c74317de5388462f43f7cbf93293a15891a2a2554e406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

142.250.74.168

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 20 Mar 2023 03:53:14 GMT
expires: Mon, 20 Mar 2023 05:53:14 GMT
cache-control: public, max-age=7200
age: 112
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 03:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

142.250.74.67

200 OK

165 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (576)
Size
165 kB (164678 bytes)
Hash
f22f07ee02fbeed3958345c90b52b818
2aa44ea19d580589c06c2170103b4d0505e18cdb
dc1eadf37f70bef92766d0c316d1da7af283b84e5c309a4732d8ed35d7bbfb84

HTTP Headers

GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 11:44:52 GMT
expires: Thu, 14 Mar 2024 11:44:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 403814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

britishtelecommunications45267.weebly.com/favicon.ico

199.34.228.53

200 OK

4.3 kB

URL HTTP/1.1
britishtelecommunications45267.weebly.com/favicon.ico
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.1a46=*; _snow_id.1a46=8906293e-3390-4ac5-9b20-3c026af6fb62.1679284507.1.1679284507.1679284507.5e65050e-f16c-417a-8331-5a774a69ea0e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Mar 2023 03:55:06 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001b2998c-006284778e-b9fbc63-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: grn132.sf2p.intern.weebly.net
Accept-Ranges: bytes

britishtelecommunications45267.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]

199.34.228.53

200 OK

348 B

URL HTTP/1.1
britishtelecommunications45267.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
199.34.228.53:0
ASN
#27647 WEEBLY

File type
JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size
348 B (348 bytes)
Hash
a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Detections

Analyzer	Verdict	Alert
openphish	BT Group plc
fortinet	Phishing

HTTP Headers

POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: britishtelecommunications45267.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.1a46=*; _snow_id.1a46=8906293e-3390-4ac5-9b20-3c026af6fb62.1679284507.1.1679284507.1679284507.5e65050e-f16c-417a-8331-5a774a69ea0e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 03:55:06 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu59.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: application/json

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12382
Expires: Mon, 20 Mar 2023 07:21:29 GMT
Date: Mon, 20 Mar 2023 03:55:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12382
Expires: Mon, 20 Mar 2023 07:21:29 GMT
Date: Mon, 20 Mar 2023 03:55:07 GMT
Connection: keep-alive

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9bee233a6db92158cdea8ef9b0b2df67
b0327308bc30aa34a06654eae29c45b8277e88bb
a4ede9f3843dea53565460710601077dfe1eb564544cecd338b27f8c366d0c4e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Mar 2023 03:55:07 GMT
Last-Modified: Mon, 20 Mar 2023 02:50:10 GMT
Server: ECAcc (nya/79F3)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mcb5MKXN13Mx--9QxFBxEZ6PAUutRgzPNxA0Y1XNeRFJe8aSSvz20g==
Age: 3897

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fe5aed2-e0b3-446a-8b49-6e9e2197196c.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fe5aed2-e0b3-446a-8b49-6e9e2197196c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7816 bytes)
Hash
f2892f63d474ec0b9b0cd8ca15c46d3e
f71cfaf9607c4aa0906e28410842af2dd7092619
d4c7c4bc26c302782bcefb7035d6461942cc675752f19040aa774e11907df805

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fe5aed2-e0b3-446a-8b49-6e9e2197196c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7816
x-amzn-requestid: e86f9c05-a39f-4930-b629-b15446eef173
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDUKGV2IAMF_8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f4d-1650737e08d7323f6fe11d59;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HACqhUHXyt5GEvgzsXO-AhRuMkSFYpShU6LMTZvaFcLUud_zyayXJg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:37:03 GMT
etag: "f71cfaf9607c4aa0906e28410842af2dd7092619"
content-type: image/jpeg
age: 22684
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10338 bytes)
Hash
78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: K19FG80YIBs-7NnPFJQEodETe4DpifB_BA2FpyYtB0W-sXXjNlLKxw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 07:04:47 GMT
age: 75020
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9492 bytes)
Hash
20e0cf109126f01b80e30c2d40549641
db5eb3144ed0ac478abdf10d270f43d9cc391bc8
7f6eed19068600b6276764a56214b719bf5ed441515dec178cb692f401d1fc46

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9492
x-amzn-requestid: 296aee48-493a-4ba5-9af8-52f8d670ecd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDED-FpLIAMF8gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417807f-53a2b69421e6086f75a010eb;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: A_msbmDK7yDsLci6N5voskxrgEqcTXYXNYtccHHjPipABoK4VZMZzA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:37:03 GMT
etag: "db5eb3144ed0ac478abdf10d270f43d9cc391bc8"
content-type: image/jpeg
age: 22684
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aa7e338-78f3-4b23-ba48-fdcaa290e5d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7141 bytes)
Hash
84cdc7c4fbca72df6fb4a3672f284b85
6e0f64e9760db6a0270492f79fc93de244708c90
15c7975ad724ff226415225d46a9838ea40bca9fc8d5709bc3097bc8ded2c271

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aa7e338-78f3-4b23-ba48-fdcaa290e5d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7141
x-amzn-requestid: 3b661da1-49ae-4c2b-a971-6c690578674b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEFrHpOIAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417808a-70f2ffed0fe3d85f5d75a19d;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kqVbodW0-hjY9VXiEqhgrHmR7TlkOe4iyrnxRweqjwY1Qf9JqMvo8g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:42 GMT
age: 20365
etag: "6e0f64e9760db6a0270492f79fc93de244708c90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9bee233a6db92158cdea8ef9b0b2df67
b0327308bc30aa34a06654eae29c45b8277e88bb
a4ede9f3843dea53565460710601077dfe1eb564544cecd338b27f8c366d0c4e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93766
Date: Mon, 20 Mar 2023 03:55:07 GMT
Etag: "641699f0-1d7"
Expires: Tue, 21 Mar 2023 05:57:53 GMT
Last-Modified: Sun, 19 Mar 2023 05:13:20 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CYuv7Ub8uypxARdP-Q2RF3ZkCWEH3TohaoQ993O2XjdzXUdOlZ39Zg==
Age: 2673

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0c284f4-6dbe-4d54-839d-1747301852b2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5939 bytes)
Hash
ea47feee1895f6c6cb45f906381625e2
46da69d0b7dcfa6a0a0a021a963bccdb1070e297
29c5e7ec1337abf050e6d2cd566e0dedbd817ac56a57d4caaa6f92e9c922ded4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0c284f4-6dbe-4d54-839d-1747301852b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5939
x-amzn-requestid: 3565af03-7d71-4311-9107-c29671636d36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xg1F2zoAMF_FA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562d1-2f5d0c187406d2d208660a43;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:53 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: KqeonLJRyrEhDoTVrot_v8NbFMRjSxmZGWAyWeixNrQxFR5k5lVodQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 07:38:35 GMT
age: 72992
etag: "46da69d0b7dcfa6a0a0a021a963bccdb1070e297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7714 bytes)
Hash
08f2d83ce4f0d9158f2414065924955d
76d9b0d87b9ad6f6b5ec225d46eb04154cf113c5
9d11c0726d38515d1f847423ccccbb7b06b14c65e6776741d30d5f4b5bd9cc39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7714
x-amzn-requestid: 3c48be36-11d4-4e6d-a376-b73f5836ccaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDUuEcXIAMFbUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f51-15606b16594e67e74234c992;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EZb5UlE1ggV28LSzY0AauVJaJ69-EuzM9aUSJA-unn2Ys3sQpTNTBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:44:17 GMT
age: 22250
etag: "76d9b0d87b9ad6f6b5ec225d46eb04154cf113c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

50.112.171.161

200 OK

0 B

URL HTTP/2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
50.112.171.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://britishtelecommunications45267.weebly.com/
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 20 Mar 2023 03:55:07 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://britishtelecommunications45267.weebly.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2

ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

50.112.171.161

200 OK

2 B

URL HTTP/2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
50.112.171.161:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1812
Origin: https://britishtelecommunications45267.weebly.com
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 20 Mar 2023 03:55:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=b5d4c123-61d9-4895-b23a-def8bae32695; Expires=Tue, 19 Mar 2024 03:55:07 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://britishtelecommunications45267.weebly.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

142.250.74.42

200 OK

0 B

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britishtelecommunications45267.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 13:08:21 GMT
expires: Thu, 14 Mar 2024 13:08:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 398805
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML