IP 199.34.228.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4ab3afbd307181710d091b0e0b85659d
3319797ce01dc575306a3a715ec73e194ccdf5f5
d3b3704e8166def9d7cfa04fb25502d0844a792904b96b2551b58ef106cd65a2
Analyzer Verdict Alert openphish AT&T Inc.
phishtank Other
GET / HTTP/1.1
Host: nmbvkoeu.square.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 31 May 2023 13:07:48 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IlEya0lXQ3NMa2JadkdGZTlhWjlvclE9PSIsInZhbHVlIjoiRDFUYS81TmtsU2JUdDZTQ1U4SW5hRmNrd25odzJBUFB3cmNTekVPL0E1SGpnaWkzeno1WkREVWRYOUgydTFrcW05cjhaZmdzT2l1UHhzcFR2b05Gb1F0c2xiR3d3NE0ycVVWYzJzaVNBUm9BM2xZQnM5OTEwQVlCSktKNjQ4N1ciLCJtYWMiOiJhMjEyNjY3MjQ0NWM2MjUwN2QyMTQ1ZWQ0MWY1MzU2OWY5MzA3MTQyYjVmZDc2OTc2MmY5ZmI0YTcwZmQ1YjI3IiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 13:07:48 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6Im1TTkZQYm5FR01HVUo4Rkt5anhoclE9PSIsInZhbHVlIjoiUERaemxMZldIa0ZRVURzZUdKR21FMHFEa0VUaFRmSHJLUzBENCtPVzJmMXhpU1BtUnFPWWJLbmxPSW9PNEJJODgzNkFaT0VJV2lBaHQzMHFsb1BjY05rM0NsY2RGRDhiU2pBM1FmbS95UmpFdHRGUXRFazFpbHJpVC9wa0tYbW0iLCJtYWMiOiJiMTk3YTk5YTJjMGNkODM1NTgzN2YzMDQ5YmVkZGFhYWY0ZTVhMjg0ZDc0MWFiZWI2YzU3MTQ4MGU3ZGQxNmQ0IiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 13:07:48 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6InMvTGtIVysya21qaGdzVC9rTGhGK2c9PSIsInZhbHVlIjoiN095aDFISGtKVWdORHpzQ2l5UGhrQm9aY2RTMFNuTVcreFJyWUFtWlBwRkJldVdGRFNPN3Yxam9CTlQ2NFpVWWFNUXhJcDdRSU1hOE11VVFURWN1OGluWVJVM0srblR3YVJBc3gvMTUzS0M5Vk9zSkhVcVlrK0UvYnFKMzlLdm0iLCJtYWMiOiJkNjVlNmU1MGZhOGExMmJhNjJiMDE3ODMwMGE4NWU1NjAwMjhiYTE4MDk1OWYyMjQ1NWJiNmNhNjMyNTAwNzhjIiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 13:07:48 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn62.sf2p.intern.weebly.net
X-Revision: 8c4d74a243e322c634911b9f36b7882f0f64d5eb
X-Request-ID: 67423697676bca4913e508a7f2d7c26a
Content-Encoding: gzip
nmbvkoeu.square.site/favicon.ico
199.34.228.39 1 B URL nmbvkoeu.square.site/favicon.ico
IP 199.34.228.39:0
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert openphish AT&T Inc.
phishtank Other
GET /favicon.ico HTTP/1.1
Host: nmbvkoeu.square.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nmbvkoeu.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlEya0lXQ3NMa2JadkdGZTlhWjlvclE9PSIsInZhbHVlIjoiRDFUYS81TmtsU2JUdDZTQ1U4SW5hRmNrd25odzJBUFB3cmNTekVPL0E1SGpnaWkzeno1WkREVWRYOUgydTFrcW05cjhaZmdzT2l1UHhzcFR2b05Gb1F0c2xiR3d3NE0ycVVWYzJzaVNBUm9BM2xZQnM5OTEwQVlCSktKNjQ4N1ciLCJtYWMiOiJhMjEyNjY3MjQ0NWM2MjUwN2QyMTQ1ZWQ0MWY1MzU2OWY5MzA3MTQyYjVmZDc2OTc2MmY5ZmI0YTcwZmQ1YjI3IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6Im1TTkZQYm5FR01HVUo4Rkt5anhoclE9PSIsInZhbHVlIjoiUERaemxMZldIa0ZRVURzZUdKR21FMHFEa0VUaFRmSHJLUzBENCtPVzJmMXhpU1BtUnFPWWJLbmxPSW9PNEJJODgzNkFaT0VJV2lBaHQzMHFsb1BjY05rM0NsY2RGRDhiU2pBM1FmbS95UmpFdHRGUXRFazFpbHJpVC9wa0tYbW0iLCJtYWMiOiJiMTk3YTk5YTJjMGNkODM1NTgzN2YzMDQ5YmVkZGFhYWY0ZTVhMjg0ZDc0MWFiZWI2YzU3MTQ4MGU3ZGQxNmQ0IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6InMvTGtIVysya21qaGdzVC9rTGhGK2c9PSIsInZhbHVlIjoiN095aDFISGtKVWdORHpzQ2l5UGhrQm9aY2RTMFNuTVcreFJyWUFtWlBwRkJldVdGRFNPN3Yxam9CTlQ2NFpVWWFNUXhJcDdRSU1hOE11VVFURWN1OGluWVJVM0srblR3YVJBc3gvMTUzS0M5Vk9zSkhVcVlrK0UvYnFKMzlLdm0iLCJtYWMiOiJkNjVlNmU1MGZhOGExMmJhNjJiMDE3ODMwMGE4NWU1NjAwMjhiYTE4MDk1OWYyMjQ1NWJiNmNhNjMyNTAwNzhjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 May 2023 13:07:48 GMT
Content-Type: application/octet-stream
Content-Length: 1
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 20:17:36 GMT
x-rgw-object-type: Normal
ETag: "93b885adfe0da089cdf634904fd59f71"
x-amz-meta-s3cmd-attrs: atime:1586895392/ctime:1586718963/gid:0/gname:root/md5:93b885adfe0da089cdf634904fd59f71/mode:33188/mtime:1586718963/uid:0/uname:root
x-amz-request-id: tx000000000000001a88773-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn62.sf2p.intern.weebly.net
X-Revision: 8c4d74a243e322c634911b9f36b7882f0f64d5eb
X-Request-ID: b051918fd676e96246e1d48931fa4cc0
IP 199.34.228.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4ab3afbd307181710d091b0e0b85659d
3319797ce01dc575306a3a715ec73e194ccdf5f5
d3b3704e8166def9d7cfa04fb25502d0844a792904b96b2551b58ef106cd65a2
Analyzer Verdict Alert openphish AT&T Inc.
phishtank Other
GET / HTTP/1.1
Host: nmbvkoeu.square.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 31 May 2023 13:07:51 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6ImUxNTBQMnEzbFBiang1QnYrMkoyYWc9PSIsInZhbHVlIjoiRmYxNmxBMHE2aENaTTUyK0trVElYZmlnQVNvazNVTG9ETGZXNUlCVzVOM3VNVmlYc3ZRbFVRQzRVM1pYcHp6RkFBVStuZTArcnc3UHphazNIekZkVDE5ZWVJckZaRkFZUEhWaTNlSkdsYXZZQ1JlRXdCam1QbkdFVXNmSE43eHEiLCJtYWMiOiJhZjY4ZmRkZTRiYjJhZmM3MjNmZWJlNzhjMTVhZjJlZDc2MjNkZDQxMTU1ZDlhZTQ5ZDU4MTY1MWNlZjMxMzQ0IiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 13:07:51 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IjQvOTE0b2pzUk1wRElreENMR3FmZ0E9PSIsInZhbHVlIjoieCszMlRnbkt3NW9CVVBYL0hQNmtITXNOeHVCeFk5UUhlaFhGdDBEcHhtUjFCK3FlSmtRcWYySzh1NFRweXFtMjlnUTE2WnJ5WjBjSEpPSnh4V3FLYmtGdm9teWR6ZkNuMmJaMEhTc3d5enZvT1lrWml0c21zbm5ka1hCWFVlN3MiLCJtYWMiOiIyOTIzNmY5M2I2ZDc3NjU2MmNjNGViZDZlOGM0NDkyNDdkMTgzMjRiZmZkNGExNzlhZjQzYTRmNzc4NTBlOGMzIiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 13:07:51 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6IjcxNjByelRuMWNMaURTMm1yejgwWHc9PSIsInZhbHVlIjoiR25DWkFxZ3ZvNXg4ZlhRaWNyaVBta3lVMnF6L1JZY2NYTnZPQW9aRThsb3hqRE85U3hrOFNlVk5tSHNTMEsrNkp1SDB2WW5rNWJzU1BlOE5BNCs2Nm1Fc1NrMUtQUExkeWlPS0Q3K2pxM2p0OEh5cjNGaXRsemIzLzB6RWJWUTQiLCJtYWMiOiIwMDcyMzA5MzVlYjcxYTgyYTJjM2JmNWJiMWMyMmM5NDZmNTgwOTNiMDYwMDAwY2ZiNjQ5MTM1NzNmYmQwYWZkIiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 13:07:51 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn135.sf2p.intern.weebly.net
X-Revision: 8c4d74a243e322c634911b9f36b7882f0f64d5eb
X-Request-ID: 6ac1335334640e5ffb583b6d00380574
Content-Encoding: gzip