Report - att-103616-106404.square.site/

Report Overview

Submitted URL
att-103616-106404.square.site/
IP
74.115.51.5
ASN
#27647 WEEBLY
Submitted
2024-04-25 16:57:25
Access
public
Website Title
404 - Page Not Found
Final URL
att-103616-106404.square.site/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
att-103616-106404.square.site	unknown	unknown	No data	No data	3.2 kB	3.3 kB	74.115.51.5

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	att-103616-106404.square.site/	AT&T Inc.
2024-04-25	medium	att-103616-106404.square.site/	AT&T Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	att-103616-106404.square.site/	Other
2024-04-25	medium	att-103616-106404.square.site/favicon.ico	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

att-103616-106404.square.site/

74.115.51.5

302 Found

394 B

URL User Request GET HTTP/1.1
att-103616-106404.square.site/
IP
74.115.51.5:80
ASN
#27647 WEEBLY

File type
HTML document, ASCII text
Size
394 B (394 bytes)
Hash
766613dd924e15097912eeb829c6a113
c7e979f970dd04fca1f627d4c993ef08f48612d0
e296f8845d67cbc04ad8e0e68dedb89aee2ba789628fca156caeb0f04dc5f714

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: att-103616-106404.square.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: publishedsite-xsrf=eyJpdiI6Im9IZTV4cDVKK3dzNThiVGtJK0NBQlE9PSIsInZhbHVlIjoibnJiTXBHS3piS1hMNHdoeWNIZDNTSHVQTlRMT09GTTVvaXgwVVdQZVVjc3pNWDJDenFCaWRUY1ZLZEJIZHd6MTJNOThCSnNtUTVDTCt5NTlWcndmVFZkbDZKMW5pbzFmZmVOTys1bmJZelIybzFlc1dic1VIZ0xnUTZMNE1McXIiLCJtYWMiOiI1MmNhZjUwZmJmOGJiM2I5MjIzZmM2NGVmZDdmMGJhZjcwMjZlOWM2YzUwZDA0NGY2ZmZiYzBlYjRiZmI1NmU3IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlpxTzF4SlcycnZoTmY5YWFOR3lmZ2c9PSIsInZhbHVlIjoidWVDbVA0US9qeUJlZHlDSjVxVUtCNmsyNkdtN1IxT1NiMW8xMkFRLzhaaWtvdE5mTkIvQnVtUmhFSTBzTzhNN3dFOUVuR3dIcTkyYUN6N0RWazNLTFp1NC82WnEvOGhjZzE1d0tRUjJOMWM1QTNVNUplZzJYSkE3d3JUckQxSWoiLCJtYWMiOiJjMGIyOTg2ZDY5NDFmM2RmZTE5OTE4ZDljYTBhMjQ1MDViNTVhZDI5NWQ2NDUxZjU3NmJmNDJiODk4MmQxYWM4IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IkZ1b3YxcXo0RDlJYmFjaXdaZWVTbVE9PSIsInZhbHVlIjoidERNYm5jdkVIY2M5YVRzOUFnZC9DSG1lbEQ1RHF3dmloay8ySG5ESFRUQ2c0bUFrQUpCZnNORnRvWXJyNGhscFIwaG9SQmlSSkRzZVp1TmJxOGlmWmJWUVJZaWRVVGNrdHRMMS9HN3hGdTFCMGZyNXBMTTZPMGJWbzUzTzN1c1UiLCJtYWMiOiJkMzlkMWZlNTI1NGQ0ZTc2NDY1MjMxOGQxZWViY2M1YTI1ZjAxNjVlNjVhNDU3ZmFiMjcyZDY0YWQ3OGM0MzQ1IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Thu, 25 Apr 2024 16:57:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://att-103616-106404.square.site
CF-Ray: 879fdea63c151c06-OSL
CF-Cache-Status: DYNAMIC
Cache-Control: no-cache, private
X-Host: blu82.sf2p.intern.weebly.net
X-Request-ID: 8336b05d7d76eccb8ed5afae9dff3538
X-Revision: bbed425ad33677ed971fa0e46290776cd9bad534
Set-Cookie: publishedsite-xsrf=eyJpdiI6InZwMTlla2MrNXhUTkluS1liTWpEYmc9PSIsInZhbHVlIjoiWHNDNmpCVkJRenFUSmNVdld4OWZPdW9XTnhZbHQzcUlhN2xENHM3dXJDQkg3bU82V2dKRVhQZDI2WVc2VnNGRDl0YldwMTROVk90N3hCWklDdWJDcTJiMTlLcTIrWEYzQnJwVHNPbFh3eW1nNVdyRytrRDhqQksvU0o4SmxnNzUiLCJtYWMiOiJkNTc2NzFiODllZGYxYmNlM2Y2ZGRhYjIyNjgzYTc2OGM0YjUxZmFlZjQzZmZhZmIxMjVkMTVkZmIzNWY3YzkxIiwidGFnIjoiIn0%3D; expires=Thu, 09-May-2024 16:57:02 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6Ik5Gc3VhamtNUFcwZG1YUFU3SWVwZEE9PSIsInZhbHVlIjoic2VLb2cvcEpmbkhaYk9ES25Ic05LY2k5RDZUdFF2VExOV3pITk5PM09ndmhySDVIcWNja0JaU0tSc0FGYzgvS2RnNlkvRmIzMUxWaFoxazVNd1RWZXROeXh4SHNPd1U1czdLdXVqR2VJVmZVbVlXYnpURVBaVUhVWHNadkdROVUiLCJtYWMiOiIyZjQwMDk4NTVlYmY4Nzk5MmE5MWJiZjM1YTM5NGQ3YmE4NjllNmE2MjI0MzI3Nzg2OWFkNDI1NzA1ZmE0ZmE3IiwidGFnIjoiIn0%3D; expires=Thu, 09-May-2024 16:57:02 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6IjVDVzZBMXFsMzBweHptQ3VWNHF5Rnc9PSIsInZhbHVlIjoiOHZGaTFiTU11REVBQXBsS3JIOHNUVENqRXd3QkRsaU1RL0JqbVFWNmFlZ2RxSXNlMDR6ODJpKzdIbFU1bzdldDBSVmhNQVlncW5rK0c3TzNkaFRFcmxCUVg3TFBiN2hXQWxvTWFUUkorcThuVEkxcjVrRU9PTzl3eU9uWEdpMzciLCJtYWMiOiI0OGFiNWQ2MTNjNjg5MjhlMTIyODU2ODljNTU0ODYyMzIxNmMxNzYxOWM5Mzc5ZjUzYjdlYTYwNjE3MGZmODUzIiwidGFnIjoiIn0%3D; expires=Thu, 09-May-2024 16:57:02 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
__cf_bm=KxgH4z4FM6l4i5fysPmzqCl7qIzt4SybqJhWdBXlUA0-1714064222-1.0.1.1-qqGo6th3BC9V_Fpk.kAJaEGngOHQucmVWkjnmErQo0epYfGiyhgLySxn4dTJ6UVO.QEHpzxIxXI9q.4T_BWaWQ; path=/; expires=Thu, 25-Apr-24 17:27:02 GMT; domain=.square.site; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare

att-103616-106404.square.site/favicon.ico

74.115.51.5

200 OK

1 B

URL GET HTTP/2
att-103616-106404.square.site/favicon.ico
IP
74.115.51.5:443
ASN
#27647 WEEBLY

Requested by
https://att-103616-106404.square.site/
Certificate
IssuerLet's Encrypt
Subjectsquare.site
Fingerprint52:97:AC:6B:DF:39:22:E7:27:37:98:58:0F:73:67:A2:E1:35:05:34
ValidityMon, 01 Apr 2024 00:25:07 GMT - Sun, 30 Jun 2024 00:25:06 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: att-103616-106404.square.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://att-103616-106404.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6Im1MTUxrbjc4Q1BqUVhXQ2U4YUFTbUE9PSIsInZhbHVlIjoiaG9JTEY4RUx1bklPaWFmUEs1azlFcml5Sm1TOWhlMjEzUDZOSHoxZm1HMEdOTk9qL2FKdWdYM2dwdmFCa2ZHRVVZeXNuT01neGphcHdTdlRPMzB4TnlGU3VjaDhSUk4yMU9ram5HdCtBWjFVM1FCZXRCUjhkM2h5KzlPcEpZR0QiLCJtYWMiOiI3YTY4ZWQ1ZTIyMTlmNDVhMTAwZDJlNTE1ZWY0N2NjN2YyYWE3NThlZjhiYTg5ODAyYTEyYzQ4ODM4NmMwNWY0IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6ImtQSURzRjNzaXdCRGpIMlJUY2RtQmc9PSIsInZhbHVlIjoidHU2N0syM3g3bnlpVUpJZDhDd0p6dmNTZE4vNnUvOHdsNFVuYURPYUxib3NWRVk0S3pQa3AreDVxdXZyWEZJZmhoL3UrclVhcW0vWjl3aHBmQS9vOFVtM3F3dm1wTFZlclp0M0RocnlXWk5FUDh0UDJwT0tUVzZtSFZOaDVrUWciLCJtYWMiOiJkZTE0MjI1ZTg2Y2I1ZTY2ODI5ZDc1OTcyOWQwYjIyMjVhNTU2ZmQyNTE5OWY1YWUyMzgxMDZiYzQzMWNlMDk5IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IjkrWUs4YTg4UkxRUDZHOUkvemlDUWc9PSIsInZhbHVlIjoiKy83RUZiM1pwQmlRSlFXRHpOQ3ZzZWh3S2tJeU1vNUFad0R3aDQ5cXdvRk9MRVNQeGxXY01rRnpxQW9JSDQxanR0U1czM0NaWnBYMTFsZUZpRDlvVVRicm04Wjg5bkNWQ0dFMHRORjM4NGJPbDRmblhkUlJ6NkJseEdqZTlMbUIiLCJtYWMiOiI2NGRjMTcwZDVkYmE3YTE1Y2Y3ZDEyZmY1ZDk5MjY3ZTViNTY5MWI4ODc1OWI3ZDlmN2EzNmZmMDExODU0NDhmIiwidGFnIjoiIn0%3D; __cf_bm=u8YhnsHwKUvpH2IOQ4nE9.4gO84wHG_DkXwOV7Vyuto-1714064221-1.0.1.1-xFd2fdDSmqItnrU4Yl1uBW5hnQnNx_5pz1oj5d6s1KmNIu5MEcGLLXaZwGVggDSRslC4076_MxnF8tvOLbsk2w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:57:02 GMT
content-type: application/octet-stream
content-length: 1
cf-ray: 879fdeaf2a430b41-OSL
cf-cache-status: DYNAMIC
accept-ranges: bytes
cache-control: max-age=315360000
etag: "93b885adfe0da089cdf634904fd59f71"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 14 Apr 2020 20:17:36 GMT
x-amz-meta-s3cmd-attrs: atime:1586895392/ctime:1586718963/gid:0/gname:root/md5:93b885adfe0da089cdf634904fd59f71/mode:33188/mtime:1586718963/uid:0/uname:root
x-amz-request-id: tx000002c505bc9ee339724-0065d8548c-e9549c7-sfo1
x-host: grn45.sf2p.intern.weebly.net
x-request-id: 96f475c1c30adcacf0f74a9a6d70b09f
x-revision: bbed425ad33677ed971fa0e46290776cd9bad534
x-rgw-object-type: Normal
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers