Report - con-fidentialdocs12.weebly.com/

Report Overview

Visited public
2023-12-06 16:51:55
Tags
URL
con-fidentialdocs12.weebly.com/
Finishing URL
con-fidentialdocs12.weebly.com/
IP / ASN
199.34.228.53
#27647 WEEBLY
Title
File Docs - File Doc

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-06 07:08:39	1.5 kB	200 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-06 07:50:48	1.7 kB	78 kB	216.58.207.227
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	448 B	5.3 kB	142.250.74.164
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-06 07:25:37	524 B	477 kB	142.250.74.35
con-fidentialdocs12.weebly.com	unknown	unknown	No data	No data	6.9 kB	73 kB	199.34.228.53
cdn2.editmysite.com	11564	1999-09-10	2012-10-02 20:27:39	2023-12-05 16:50:26	5.2 kB	450 kB	151.101.65.46
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-06 08:09:09	457 B	95 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive
2023-12-06	medium	con-fidentialdocs12.weebly.com/	Microsoft OneDrive

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (38)

	URL	From	Size	First Seen	Last Seen
	con-fidentialdocs12.weebly.com/files/theme/jquery.revealer.js?1656323120	ScriptElement	2.8 kB	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/files/theme/jquery.revealer.js?1656323120 IP 199.34.228.54 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-07 00:34 Times Seen3387 Hash c22ab67199a33d876512504cda4ff55b 36e96eae4644b6028532974fe5186a072792cb37 c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	117 B	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 21:47 Times Seen7489 Hash ef142665f07ac27f698aa34d471c4439 b9e0d81f97054a9a0a68f57096d992ba58f33184 fbfd3b11452dce82b76e405100aece37dcfe12df4c71fb8f2bc2fe2166e9f07f Loading...

	unknown	Function	636 B	2023-04-11	2025-05-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-08 21:37 Times Seen32468 Hash a59aaa8925f1d6db41fb89bb017255c0 07ab4c2f735e6116f0fd5009b8c758ec2e772334 0044c6e874feb009378c626cd206b98f114070caf5b3c4ca1e3cec6923756466 Loading...

	con-fidentialdocs12.weebly.com/sandbox%20eval%20code		148 B	2023-04-11	2025-05-09
Pretty URL con-fidentialdocs12.weebly.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-09 04:25 Times Seen24807 Hash 64fe6fe97a487c82c5be70158b71aa87 b93ba17d1796e404b0ca1ef6f262bbbb0c427366 3ec8a12103cf9c2e91b9be1329d1e9f1c53043e38a641070650d1b8d07dbbcd2 Loading...

	cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656093173&	ScriptElement	182 kB	2023-11-05	2024-08-20
Pretty URL cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656093173& IP 151.101.65.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-05 12:49 Last Seen2024-08-20 20:49 Times Seen409 Hash 5925dea9d02b39d0e66e7ccc20371e80 79723f4fdf3c06cbc6a7b44fcc78cb1de7793be0 3b7805a3f0e4750ab90d4c40f0d1efdf11c5deb485ef9ed12b9c89b000f87f82 Loading...

	con-fidentialdocs12.weebly.com/files/theme/jquery.trend.js?1656323120	ScriptElement	3.8 kB	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/files/theme/jquery.trend.js?1656323120 IP 199.34.228.54 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-07 00:34 Times Seen3387 Hash 4beccebe0a060b2b2c43de5c2d4512ef 250a779dd017877b9f360b264cf072d9e87974ff 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738 Loading...

	con-fidentialdocs12.weebly.com/files/theme/custom-1.js?1656323120	ScriptElement	16 kB	2023-03-07	2025-05-05
Pretty URL con-fidentialdocs12.weebly.com/files/theme/custom-1.js?1656323120 IP 199.34.228.54 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-05-05 17:41 Times Seen2922 Hash 214dde43cebf15418cdcc76f9677ee46 6e93acebfa271d3fce9626034d03f942d3b628a8 cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	1.8 kB	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 21:47 Times Seen7470 Hash 563cec0ace2baea4e867b491f66cd6b0 fc4451f8fa76c5d1e3714e9008510633cffaa4f7 e4538493fc4f43f93806d0239acac9b38b0453c8440dc5ba4fcb47eae6ab2556 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	66 B	2024-08-20	2024-08-20
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:34 Last Seen2024-08-20 16:34 Times Seen1 Hash d696e269875743bad8109bc5dedfa98f 7a6f792c3da2439fb5bda0887ca295a0fd139b2a 851d1cb5113496209ac6833c312a9828edd4bee63f5b98dbf2d02a1c9253c060 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	266 B	2024-08-20	2024-08-20
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:34 Last Seen2024-08-20 16:34 Times Seen1 Hash 8dc6108b733522d3b5ac2468e4a59487 a2aeb218aecbbb8b72d0e84541265176ae32e9b8 b2eba3cb28be24cfe620cdf9cdd32afcf2f554238e863861bbfcf51198369fd2 Loading...

	unknown	Function	496 B	2023-04-11	2025-05-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-08 21:37 Times Seen32466 Hash c1db72e213146c75189f4b6a82fc7f3c 3867c5fecc075a70965a96c23c59e7351b6da0d6 4d286bfbd53979af2cd45d0286d0400b8ae4da5f06b116dcc30db452b71481c1 Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js	ScriptElement	94 kB	2023-03-07	2025-05-08
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 22:28 Times Seen13901 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	35 B	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 21:47 Times Seen7515 Hash 13385ea3f3e6184de3bfa80f08fe938b 6f859a2fd4b7e15ed74990516d97a52e7b4eeb20 5e87d85ec57af5d97b6c0d4c6e766afd2b53d077102827d19625a37d8cd11c2d Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	32 B	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 21:47 Times Seen7524 Hash 1bca01edca83d94091a2bb38d7ef8183 d05117e4ab3b3461be3855e95813a5c607e3ca95 fcf1cbf5cfad6d605868f42d38a0a937f5e6eaa91b05dcfbbbc95e4c3e23e528 Loading...

	unknown	Function	804 B	2023-04-11	2025-05-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-08 21:37 Times Seen32465 Hash 05875b1ff70334890bde3d10abb7285c f92d9ebd14575493e8bcc646a4e3c51049c938c3 473ddf16120d811a56d372dfc3bacb4e5dee2e244d4a5760e32ab16a1a1ca839 Loading...

	con-fidentialdocs12.weebly.com/files/theme/MutationObserver.js	ScriptElement	25 kB	2023-03-07	2025-05-05
Pretty URL con-fidentialdocs12.weebly.com/files/theme/MutationObserver.js IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32 Last Seen2025-05-05 17:41 Times Seen3204 Hash e52201e96af18dd02c85eb627c843491 5bcdd1480b9bebcddb0d82083bdf03a7435d59a1 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a Loading...

	cdn2.editmysite.com/js/site/main.js?buildTime=1656093173	ScriptElement	477 kB	2023-06-07	2024-08-21
Pretty URL cdn2.editmysite.com/js/site/main.js?buildTime=1656093173 IP 151.101.65.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 01:20 Last Seen2024-08-21 09:41 Times Seen2506 Hash 0de029f7ed3fd4cbfdcef31b834138e3 224512b5c840e885cd0732822af53301681ec799 593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0 Loading...

	ssl.google-analytics.com/ga.js	ScriptElement	3.4 kB	0001-01-01	2025-05-09
Pretty URL ssl.google-analytics.com/ga.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 04:25 Times Seen24797 Hash b6f6d7efd99960ab916ee096e061f2e7 e21f1b5b99444ed4e4f62308cf616edd93ee852e bbb1ca9c206e0ed72478ea72f3ca038cf739fd540d5d1c2da19620c942e4c4f4 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	22 B	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 21:47 Times Seen5841 Hash 9a33cbad7c996ea8903a3eb3332a125c 8efed109b301f8aa0f3768dcd824d669d0129741 5d3b8f4578ca89904a46d014a8433346ca2773e8691f6cc9d09b2b30f0802dbc Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	62 B	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 21:47 Times Seen7472 Hash 461bd236ddeca3b8b6e3cca8599ccb43 73c74d3281452e483c11f944d798738afc7f5b89 aebd4ac1ead5b4987d8b975cafa889ca1a6831175bc206ca9552863e390bc0f1 Loading...

	con-fidentialdocs12.weebly.com/files/theme/jquery.pxuMenu.js?1656323120	ScriptElement	3.7 kB	2023-03-07	2025-05-05
Pretty URL con-fidentialdocs12.weebly.com/files/theme/jquery.pxuMenu.js?1656323120 IP 199.34.228.54 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32 Last Seen2025-05-05 17:41 Times Seen3200 Hash ac373d716afe4270df40f60417b0f418 aba148148c771bb66b0b4aeab6eac8eb40352745 f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a Loading...

	cdn2.editmysite.com/js/wsnbn/snowday262.js	ScriptElement	75 kB	0001-01-01	2025-05-07
Pretty URL cdn2.editmysite.com/js/wsnbn/snowday262.js IP 151.101.65.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-07 21:47 Times Seen31808 Hash 99bbe560926e583b8e99036251deb783 8d81b73ae06f664f9d9e53dd5829a799bf434491 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3 Loading...

	www.google.com/recaptcha/api.js?_=1701881503199	ScriptElement	850 B	2023-11-14	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?_=1701881503199 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:30 Last Seen2024-08-20 19:39 Times Seen3579 Hash 57e10dcd72dd2953878092014eae522b 95ba7e48825c26c5d9395ef2edb73e790bce6fa7 c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	6.1 kB	2024-08-20	2024-08-20
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:34 Last Seen2024-08-20 16:34 Times Seen1 Hash 23c49754622ea59bcf974346b5d5d2c7 2905188d419fb314a1fbdcb0eaadea6b7cdf28e0 7b3745d353cacf66f090b26941a3547c7549d8e82263106179028deffb9ef3c5 Loading...

	con-fidentialdocs12.weebly.com/files/theme/plugins.js?1656323120	ScriptElement	68 kB	2023-03-07	2025-05-06
Pretty URL con-fidentialdocs12.weebly.com/files/theme/plugins.js?1656323120 IP 199.34.228.54 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-06 14:39 Times Seen4176 Hash 2b8d85f1ea01d2c3e8b962eac8d76a5c 936987a7e08daa4a916c77d86937edee42d657da b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5 Loading...

	cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1701878478	ScriptElement	3.6 kB	2023-03-07	2025-05-07
Pretty URL cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1701878478 IP 151.101.65.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 18:44 Times Seen6472 Hash 40b81b2d52ba9d2e2c64c31ff6a24cd7 6b5689250661646ecbb841f2475f1556a113373c e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	263 B	2024-08-20	2024-08-20
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:34 Last Seen2024-08-20 16:34 Times Seen1 Hash 0f3bc071537fc0862a82f9503b67ad56 6d27a7ea7da1cc5a85b13271843c97175d460820 aad6cacaf40add056eceb3bb09787d6e5d49c6b9a7ef690fc5f40045b1fbe903 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	123 B	2023-03-07	2025-04-12
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:24 Last Seen2025-04-12 17:27 Times Seen31 Hash 42154c0330bdc6b5337c792af92ad054 4d32fcb3992e5bb340f1f04ef6730f8b86eb5f98 3675aca46a5042aac3e4a849f96d1c6ed1b99c0c157dd8c4fa8779ad23ce6825 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	664 B	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 21:47 Times Seen7450 Hash fdd0b895b9cf69a9a4f4817533aa51f5 afc67ab62c3c91df626260407845fc41bf5d895e a50f8a487c23d76460681440220a85a28cdb09912ef451d59aa2b4f47c32aea0 Loading...

	unknown	Function	956 B	2023-04-11	2025-05-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-08 21:37 Times Seen32467 Hash 03846f9824e92f5e7d3f62e8713d47c6 213d679fcd16aea7b17f05a04f4c72cbfdaaae35 217d8cf03eb4f191f072659dce350b80bc23d97219a4b55dae7f1eb96cbf16fc Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	2.3 kB	2024-08-20	2024-08-20
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:34 Last Seen2024-08-20 16:34 Times Seen1 Hash bcd16903284948317ea1ef9de6a6fca8 2d13f79d87c4195f8e24f07001eed2791fb4a517 0f9e72fda2cd1bff03fbcaf5bff6c6feb6f103a9b19fe10762c9b1d5414e3c0f Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	1.2 kB	0001-01-01	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-07 21:47 Times Seen7438 Hash 24449345e209b8641a813eaef44a5244 21617897e4d35717e2e41b766501fbd883a8f16d 3e72636c6cf854c8657ccbf9e03f7af05bd4836066c329417a4f8251bb5d18c1 Loading...

	cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1656093173	ScriptElement	534 kB	2023-06-05	2024-08-21
Pretty URL cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1656093173 IP 151.101.65.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 21:48 Last Seen2024-08-21 09:41 Times Seen1339 Hash 477945f3201c7b0c701a23b373cadb2a ac7582e7ab946ce51cb94431cb026ebe6dbce9c2 207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6 Loading...

	unknown	Function	1.1 kB	2023-04-11	2025-05-07
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-07 21:47 Times Seen32127 Hash fb1fa750e498ddf325936923cd0d356e b1ab9e64280aef735182b255db6fe273200412a8 3db13173dbd9eb042356058f38b5c9b76a30cf82ed9251c738d23eb6827502b1 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-09 04:19 Times Seen263283 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	62 B	2023-03-07	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 18:44 Times Seen7222 Hash 1afa8234115c6f382672d91917a6fb26 e96957cb655865327588927ebc34d1ae376e9e64 45988af53e17c3bc8103bbe22bd47dd6d2d03d4a90c4116dc0621ab24ff87258 Loading...

	con-fidentialdocs12.weebly.com/	ScriptElement	957 B	2023-06-17	2025-05-07
Pretty URL con-fidentialdocs12.weebly.com/ IP 199.34.228.53 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-17 16:12 Last Seen2025-05-07 21:47 Times Seen7337 Hash 5e3e45aaa61bff7141726f86ef0f4cac 3f4d1d6f1eaa2d95f0765b7f0f49e9e60a7e56e8 bfce257e15e925e3be6e00aee1711a9e47d623dff36d8b14390572a77e46829a Loading...

HTTP Transactions (33)

URL IP Response Size

con-fidentialdocs12.weebly.com/

199.34.228.53

200 OK

7.9 kB

URL User Request GET HTTP/1.1
con-fidentialdocs12.weebly.com/
IP
199.34.228.53:443
ASN
#27647 WEEBLY

Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2439), with CRLF, LF line terminators
Size
7.9 kB (7865 bytes)
Hash
6200170f9ca1ec7de8109012fb1eef56
4fc6d94c8aca78239219580fe4dfc781fcfffcf3
c37d32fd97e2419b84eba9219d93a3e73a73a6d0dea7727b1dfa9158bc3129c8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET / HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 16:51:35 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=con-fidentialdocs12.weebly.com
language=en; expires=Wed, 20-Dec-2023 16:51:35 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"6200170f9ca1ec7de8109012fb1eef56-gzip"
Content-Encoding: gzip
X-Host: blu71.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7865
Keep-Alive: timeout=10, max=65
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1701878478

151.101.65.46

200 OK

1.4 kB

URL GET HTTP/2
cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1701878478
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (3600), with no line terminators
Size
1.4 kB (1372 bytes)
Hash
40b81b2d52ba9d2e2c64c31ff6a24cd7
6b5689250661646ecbb841f2475f1556a113373c
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96

HTTP Headers

GET /js/site/footerSignup.js?buildTime=1701878478 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 15:26:38 GMT
etag: "657092ae-e10"
expires: Wed, 20 Dec 2023 16:03:38 GMT
cache-control: max-age=1209600
x-host: grn78.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:35 GMT
age: 2877
x-served-by: cache-sjc1000137-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 56, 8
x-timer: S1701881496.998556,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
X-Firefox-Spdy: h2

cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png

151.101.65.46

200 OK

9.7 kB

URL GET HTTP/2
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9677 bytes)
Hash
6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

HTTP Headers

GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycduBRDjRVf4aujFpQt8U1R0AZRrT0tvE8fm-z8w_U2xex-GMjAJYQnABttdWeDPxN6Xmm0qeYmzq9wQe4BBub96qvpXffxjW
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 01 Sep 2023 02:23:15 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
content-type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:35 GMT
via: 1.1 varnish
age: 51183
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 186
x-timer: S1701881496.999307,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656093173&

151.101.65.46

200 OK

33 kB

URL GET HTTP/3
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656093173&
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (65024)
Size
33 kB (33107 bytes)
Hash
5925dea9d02b39d0e66e7ccc20371e80
79723f4fdf3c06cbc6a7b44fcc78cb1de7793be0
3b7805a3f0e4750ab90d4c40f0d1efdf11c5deb485ef9ed12b9c89b000f87f82

HTTP Headers

GET /js/lang/en/stl.js?buildTime=1656093173& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 22:52:59 GMT
etag: "655e864b-2c90e"
expires: Sat, 09 Dec 2023 03:01:23 GMT
cache-control: max-age=1209600
x-host: grn136.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:36 GMT
age: 1000212
x-served-by: cache-sjc10035-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 502, 1
x-timer: S1701881496.004637,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33107
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1656093173

151.101.65.46

200 OK

159 kB

URL GET HTTP/2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1656093173
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (32029)
Size
159 kB (159104 bytes)
Hash
477945f3201c7b0c701a23b373cadb2a
ac7582e7ab946ce51cb94431cb026ebe6dbce9c2
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6

HTTP Headers

GET /js/site/main-customer-accounts-site.js?buildTime=1656093173 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 00:57:12 GMT
etag: "65668c68-826d7"
expires: Wed, 13 Dec 2023 08:44:56 GMT
cache-control: max-age=1209600
x-host: blu153.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:36 GMT
age: 633999
x-served-by: cache-sjc1000110-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 121, 1
x-timer: S1701881496.998781,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 159104
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/social-icons.css?buildtime=1656093173

151.101.65.46

200 OK

1.6 kB

URL GET HTTP/2
cdn2.editmysite.com/css/social-icons.css?buildtime=1656093173
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (13080)
Size
1.6 kB (1640 bytes)
Hash
7b0a49a5f45c5bd69dd5aecf253d3b1c
2bfd9ce331c46b5b1fd170325a44bf217c56cba5
0cfbd18a308599498691e5c5bcea11d5826b7d039388de71f6c6760797a78037

HTTP Headers

GET /css/social-icons.css?buildtime=1656093173 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 22 Nov 2023 22:54:09 GMT
etag: W/"655e8691-3319"
expires: Sat, 09 Dec 2023 13:33:21 GMT
cache-control: max-age=1209600
x-host: blu101.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:36 GMT
age: 962294
x-served-by: cache-sjc10028-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 159, 1
x-timer: S1701881496.012070,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/sites.css?buildTime=1656093173

151.101.65.46

200 OK

30 kB

URL GET HTTP/2
cdn2.editmysite.com/css/sites.css?buildTime=1656093173
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29663 bytes)
Hash
251fe9dd065a30efd11ccab9a9613cda
9c8bec2886368f245985ae92222349ba92ac07f7
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07

HTTP Headers

GET /css/sites.css?buildTime=1656093173 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 22 Nov 2023 22:54:09 GMT
etag: W/"655e8691-337f6"
expires: Tue, 12 Dec 2023 11:16:55 GMT
cache-control: max-age=1209600
x-host: blu69.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:36 GMT
age: 711281
x-served-by: cache-sjc10074-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 341, 1
x-timer: S1701881496.018003,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29663
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main.js?buildTime=1656093173

151.101.65.46

200 OK

146 kB

URL GET HTTP/2
cdn2.editmysite.com/js/site/main.js?buildTime=1656093173
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (32147)
Size
146 kB (146401 bytes)
Hash
0de029f7ed3fd4cbfdcef31b834138e3
224512b5c840e885cd0732822af53301681ec799
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0

HTTP Headers

GET /js/site/main.js?buildTime=1656093173 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 18:54:27 GMT
etag: "656788e3-74804"
expires: Thu, 14 Dec 2023 10:43:54 GMT
cache-control: max-age=1209600
x-host: grn102.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:36 GMT
age: 540461
x-served-by: cache-sjc1000089-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 316, 1
x-timer: S1701881496.057712,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146401
X-Firefox-Spdy: h2

con-fidentialdocs12.weebly.com/files/theme/MutationObserver.js

199.34.228.53

200 OK

6.8 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/theme/MutationObserver.js
IP
199.34.228.53:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
6.8 kB (6842 bytes)
Hash
e52201e96af18dd02c85eb627c843491
5bcdd1480b9bebcddb0d82083bdf03a7435d59a1
397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /files/theme/MutationObserver.js HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 14:16:26 GMT
x-rgw-object-type: Normal
ETag: W/"e52201e96af18dd02c85eb627c843491"
x-amz-request-id: tx000000000000001e24b3b-006284b0eb-b9fbc77-sfo1
X-Storage-Bucket: z3974
X-Storage-Object: 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a
X-Host: blu152.sf2p.intern.weebly.net
Content-Encoding: gzip

cdn2.editmysite.com/css/old/fancybox.css?1656093173

151.101.65.46

200 OK

1.2 kB

URL GET HTTP/2
cdn2.editmysite.com/css/old/fancybox.css?1656093173
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (3910)
Size
1.2 kB (1218 bytes)
Hash
1dcebbb5a1eb8b028310ceeb72a339b3
e254b7a35ac189fd1ce9cf8bd78593bebfe27d7d
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

HTTP Headers

GET /css/old/fancybox.css?1656093173 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 29 Nov 2023 00:56:55 GMT
etag: "65668c57-f47"
expires: Wed, 13 Dec 2023 10:22:04 GMT
cache-control: max-age=1209600
x-host: grn136.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:36 GMT
age: 628172
x-served-by: cache-sjc10040-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 116, 1
x-timer: S1701881496.060594,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2

con-fidentialdocs12.weebly.com/files/main_style.css?1656324361

199.34.228.53

200 OK

7.2 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/main_style.css?1656324361
IP
199.34.228.53:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
assembler source, ASCII text, with very long lines (815)
Size
7.2 kB (7199 bytes)
Hash
32f4b6162d68e80a29f09b8c1ad8026d
3eb73a0faaee39cb043227140faa84625ce74cee
df5de01ee8f446f10f26547c98f1f6d75a56204ad2afea6319cf2110fa51a47d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /files/main_style.css?1656324361 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn126.sf2p.intern.weebly.net
Content-Encoding: gzip

ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

142.250.74.106

200 OK

94 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65483)
Size
94 kB (93636 bytes)
Hash
3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

HTTP Headers

GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 93636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 19:19:56 GMT
expires: Wed, 04 Dec 2024 19:19:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 77500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

con-fidentialdocs12.weebly.com/uploads/1/4/2/3/142328606/published/onedrive-logo.png?1656324129

199.34.228.53

200 OK

4.1 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/uploads/1/4/2/3/142328606/published/onedrive-logo.png?1656324129
IP
199.34.228.53:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
PNG image data, 156 x 89, 8-bit/color RGB, non-interlaced\012- data
Size
4.1 kB (4059 bytes)
Hash
94fa6c48f37ceb124185e4fa177c6fb5
3abae73fea557894e5b5baed522762a6c2a21a79
c2305ad5bdfccd03cea6b110263a0be997f668e3119ef82db077f1fbd2132d74

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /uploads/1/4/2/3/142328606/published/onedrive-logo.png?1656324129 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: image/png
Content-Length: 4059
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 10:02:09 GMT
x-rgw-object-type: Normal
ETag: "94fa6c48f37ceb124185e4fa177c6fb5"
x-amz-request-id: tx0000053a83be7c54a6578-00657037ab-db1a051-sfo1
X-Storage-Bucket: zc230
X-Storage-Object: c2305ad5bdfccd03cea6b110263a0be997f668e3119ef82db077f1fbd2132d74
X-Host: grn50.sf2p.intern.weebly.net
Accept-Ranges: bytes

con-fidentialdocs12.weebly.com/files/theme/plugins.js?1656323120

199.34.228.54

200 OK

16 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/theme/plugins.js?1656323120
IP
199.34.228.54:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
16 kB (15721 bytes)
Hash
2b8d85f1ea01d2c3e8b962eac8d76a5c
936987a7e08daa4a916c77d86937edee42d657da
b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5

HTTP Headers

GET /files/theme/plugins.js?1656323120 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b6b5e9-0062847b2f-b9fbc63-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu33.sf2p.intern.weebly.net
Content-Encoding: gzip

con-fidentialdocs12.weebly.com/files/theme/jquery.pxuMenu.js?1656323120

199.34.228.54

200 OK

3.7 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/theme/jquery.pxuMenu.js?1656323120
IP
199.34.228.54:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3697 bytes)
Hash
ac373d716afe4270df40f60417b0f418
aba148148c771bb66b0b4aeab6eac8eb40352745
f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /files/theme/jquery.pxuMenu.js?1656323120 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: application/javascript
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 13:50:18 GMT
x-rgw-object-type: Normal
ETag: "ac373d716afe4270df40f60417b0f418"
x-amz-request-id: tx000000000000001d78029-0062849c00-b9fbc63-sfo1
X-Storage-Bucket: zf755
X-Storage-Object: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
X-Host: blu155.sf2p.intern.weebly.net
Accept-Ranges: bytes

con-fidentialdocs12.weebly.com/files/theme/jquery.trend.js?1656323120

199.34.228.54

200 OK

3.8 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/theme/jquery.trend.js?1656323120
IP
199.34.228.54:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
3.8 kB (3775 bytes)
Hash
4beccebe0a060b2b2c43de5c2d4512ef
250a779dd017877b9f360b264cf072d9e87974ff
446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /files/theme/jquery.trend.js?1656323120 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: application/javascript
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001ed57e3-006284b3ea-b9fbc64-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: blu22.sf2p.intern.weebly.net
Accept-Ranges: bytes

con-fidentialdocs12.weebly.com/files/theme/custom-1.js?1656323120

199.34.228.54

200 OK

4.1 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/theme/custom-1.js?1656323120
IP
199.34.228.54:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
4.1 kB (4097 bytes)
Hash
214dde43cebf15418cdcc76f9677ee46
6e93acebfa271d3fce9626034d03f942d3b628a8
cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /files/theme/custom-1.js?1656323120 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 26 Oct 2021 13:57:32 GMT
x-rgw-object-type: Normal
ETag: W/"214dde43cebf15418cdcc76f9677ee46"
x-amz-request-id: tx000000000000001f55867-006284b947-b9fbc29-sfo1
X-Storage-Bucket: zcfbf
X-Storage-Object: cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7
X-Host: grn73.sf2p.intern.weebly.net
Content-Encoding: gzip

con-fidentialdocs12.weebly.com/files/theme/jquery.revealer.js?1656323120

199.34.228.54

200 OK

2.8 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/theme/jquery.revealer.js?1656323120
IP
199.34.228.54:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
2.8 kB (2828 bytes)
Hash
c22ab67199a33d876512504cda4ff55b
36e96eae4644b6028532974fe5186a072792cb37
c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /files/theme/jquery.revealer.js?1656323120 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: application/javascript
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx000000000000001c59914-006284894e-b9fbc63-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: blu120.sf2p.intern.weebly.net
Accept-Ranges: bytes

con-fidentialdocs12.weebly.com/uploads/1/4/2/3/142328606/onedrive-logo.png

199.34.228.53

200 OK

4.8 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/uploads/1/4/2/3/142328606/onedrive-logo.png
IP
199.34.228.53:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
PNG image data, 176 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
4.8 kB (4752 bytes)
Hash
a2c69a9487080e9efa352789b6f8f45e
be9b3a82437f0ab607ba8be82c0496bd1d5cf069
d29d3b972d438e30fb7165b59fab309d780b7ffeee949d05d6f11dea8e2f0b8f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /uploads/1/4/2/3/142328606/onedrive-logo.png HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: image/png
Content-Length: 4752
Connection: keep-alive
Last-Modified: Sun, 23 May 2021 12:44:47 GMT
x-rgw-object-type: Normal
ETag: "a2c69a9487080e9efa352789b6f8f45e"
x-amz-request-id: tx00000833463383beca84f-00657037bd-db1c716-sfo1
X-Storage-Bucket: zd29d
X-Storage-Object: d29d3b972d438e30fb7165b59fab309d780b7ffeee949d05d6f11dea8e2f0b8f
X-Host: grn121.sf2p.intern.weebly.net
Accept-Ranges: bytes

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656093173&

151.101.65.46

200 OK

33 kB

URL GET HTTP/3
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656093173&
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (65024)
Size
33 kB (33107 bytes)
Hash
5925dea9d02b39d0e66e7ccc20371e80
79723f4fdf3c06cbc6a7b44fcc78cb1de7793be0
3b7805a3f0e4750ab90d4c40f0d1efdf11c5deb485ef9ed12b9c89b000f87f82

HTTP Headers

GET /js/lang/en/stl.js?buildTime=1656093173& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 33107
server: nginx
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 22:52:59 GMT
etag: "655e864b-2c90e"
expires: Sat, 09 Dec 2023 03:01:23 GMT
cache-control: max-age=1209600
x-host: grn136.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:36 GMT
age: 1000213
x-served-by: cache-sjc10035-SJC, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 502, 1
x-timer: S1701881497.753519,VS0,VE4
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fonts.googleapis.com/css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i

142.250.74.106

200 OK

1.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.4 kB (1427 bytes)
Hash
c1c4b89eabf34b65e5e9a2e0285da31d
a73561e35e2098113bb4193bfc4ecc2a1c6abe77
801c7fb40697cac93d6573e4472fcb7ab7f1e5037e51b079b63ee9465d7c05ea

HTTP Headers

GET /css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 16:51:36 GMT
date: Wed, 06 Dec 2023 16:51:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotomono/v23/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotomono/v23/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22736, version 1.0\012- data
Size
23 kB (22736 bytes)
Hash
6030466e3ea9779f8596076c6438a7b6
77d1cbe94004d6cf224466754f43cc12b87491e8
c7dd144163721cef3b11282607dffe203646a44ac7275874c7fe09669f76ea02

HTTP Headers

GET /s/robotomono/v23/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://con-fidentialdocs12.weebly.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 20:29:53 GMT
expires: Tue, 03 Dec 2024 20:29:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:53:33 GMT
content-type: font/woff2
age: 159703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28512, version 1.0\012- data
Size
28 kB (28512 bytes)
Hash
16cba75f4b9969077ff30bea2f494e12
71b32a3bbcc6157da9d52accf124660a3cfc66dc
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

HTTP Headers

GET /s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://con-fidentialdocs12.weebly.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28512
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:36 GMT
expires: Thu, 28 Nov 2024 21:37:36 GMT
cache-control: public, max-age=31536000
age: 587640
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

con-fidentialdocs12.weebly.com/files/theme/images/arrow-light.svg?1656324361

199.34.228.54

200 OK

886 B

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/files/theme/images/arrow-light.svg?1656324361
IP
199.34.228.54:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
886 B (886 bytes)
Hash
552eb2e04260fc0733e5633d15c6aeaa
0a9efcc3b0ebabb23a49a00061fd8200eded1613
705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570

HTTP Headers

GET /files/theme/images/arrow-light.svg?1656324361 HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/files/main_style.css?1656324361
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:36 GMT
Content-Type: image/svg+xml; charset=us-ascii
Content-Length: 886
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 04:38:52 GMT
x-rgw-object-type: Normal
ETag: "552eb2e04260fc0733e5633d15c6aeaa"
x-amz-request-id: tx0000000000000020357da-006284ce25-b9fbc7f-sfo1
X-Storage-Bucket: z705f
X-Storage-Object: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Content-Disposition: attachment
X-Host: grn47.sf2p.intern.weebly.net
Accept-Ranges: bytes

fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24268, version 1.0\012- data
Size
24 kB (24268 bytes)
Hash
ce45428c52deaaf02c471e03e17373c1
0b4b3b06b6de7306dab70256212d265097a31bf0
7aea46836300bb50c651155f8dd79da6d90f36ec895615d60b2c8f7fe49fc5bc

HTTP Headers

GET /s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://con-fidentialdocs12.weebly.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 13:34:18 GMT
expires: Wed, 04 Dec 2024 13:34:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Sep 2023 15:41:07 GMT
content-type: font/woff2
age: 98239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/wsnbn/snowday262.js

151.101.65.46

200 OK

26 kB

URL GET HTTP/3
cdn2.editmysite.com/js/wsnbn/snowday262.js
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (2512)
Size
26 kB (25752 bytes)
Hash
99bbe560926e583b8e99036251deb783
8d81b73ae06f664f9d9e53dd5829a799bf434491
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

HTTP Headers

GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 25752
server: nginx
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 22:54:01 GMT
etag: "655e8689-124fe"
expires: Thu, 07 Dec 2023 08:49:33 GMT
cache-control: max-age=1209600
x-host: blu145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:37 GMT
age: 1152123
x-served-by: cache-sjc10061-SJC, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 9448
x-timer: S1701881497.070525,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1701878478

151.101.65.46

200 OK

886 B

URL GET HTTP/3
cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1701878478
IP
151.101.65.46:443
ASN
#54113 FASTLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.editmysite.com
Fingerprint8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
ValidityMon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT

File type
ASCII text, with very long lines (2632)
Size
886 B (886 bytes)
Hash
b09e83d2aeac55c0d3b67186cd5009ff
fa87cec84cc36fc2e70804867da24578ea331999
251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c

HTTP Headers

GET /css/free-footer-v3.css?buildtime=1701878478 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 886
server: nginx
content-type: text/css
last-modified: Wed, 06 Dec 2023 15:26:12 GMT
etag: "65709294-a49"
expires: Wed, 20 Dec 2023 16:03:39 GMT
cache-control: max-age=1209600
x-host: blu110.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:51:37 GMT
age: 2878
x-served-by: cache-sjc10069-SJC, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 53, 7
x-timer: S1701881497.127169,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.106

200 OK

191 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (191179 bytes)
Hash
230b0fe19fc0bc41ac14c610a0becdf9
e07172ba607b50f374d06ac8227eb4bad3c49f00
18a15e803aa4c09b200cc71ab95b46b5cf648ad6710672c420ea7dc0d22651d0

HTTP Headers

GET /css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 16:51:36 GMT
date: Wed, 06 Dec 2023 16:51:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?_=1701881503199

142.250.74.164

200 OK

4.8 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js?_=1701881503199
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
gzip compressed data\012- data
Size
4.8 kB (4841 bytes)
Hash
8ff2882d65827b2bc088785d4a104469
2f69a7bd2da610aa2556cbc8f446b502736e90a7
64e4db92a1a6072d4e4e87e45f679d21e4ac38e80c0abba6905af4583a72ae1f

HTTP Headers

GET /recaptcha/api.js?_=1701881503199 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 06 Dec 2023 16:51:37 GMT
date: Wed, 06 Dec 2023 16:51:37 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

con-fidentialdocs12.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]

199.34.228.53

200 OK

348 B

URL POST HTTP/1.1
con-fidentialdocs12.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
199.34.228.53:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size
348 B (348 bytes)
Hash
a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

HTTP Headers

POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://con-fidentialdocs12.weebly.com
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 16:51:37 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu17.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=34
Connection: Keep-Alive
Content-Type: application/json

con-fidentialdocs12.weebly.com/favicon.ico

199.34.228.54

200 OK

4.3 kB

URL GET HTTP/1.1
con-fidentialdocs12.weebly.com/favicon.ico
IP
199.34.228.54:443
ASN
#27647 WEEBLY

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerDigiCert Inc
Subject*.weebly.com
Fingerprint84:B4:09:67:7F:E7:D1:9F:01:07:51:96:4A:72:30:17:A4:A3:94:E6
ValiditySat, 28 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: con-fidentialdocs12.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:51:37 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001aecdb2-00628475f6-b9fbc64-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu152.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

476 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
476 kB (476095 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://con-fidentialdocs12.weebly.com
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 14:51:29 GMT
expires: Thu, 05 Dec 2024 14:51:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 7208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext

142.250.74.106

200 OK

5.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://con-fidentialdocs12.weebly.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (5082), with no line terminators
Size
5.0 kB (4962 bytes)
Hash
ea7ed2c0faf95d97cbe79ca49d46c1b7
2db12eacb1dd4e1749ce1e1a6ca752859a7a8d0f
25408c02dcff275a42f2dd94a442baafd28475eccb5ec1b28d58a93c6a477b2b

HTTP Headers

GET /css?family=Oswald:400,300,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://con-fidentialdocs12.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 16:51:36 GMT
date: Wed, 06 Dec 2023 16:51:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash