Report - is.gd/X5F3wl

Report Overview

Visited public
2023-11-30 01:47:58
Tags
URL
is.gd/X5F3wl
Finishing URL
68768zyvnx9976.weebly.com/
IP / ASN
104.25.233.53
#13335 CLOUDFLARENET
Title
404 - Page Not Found

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
68768zyvnx9976.weebly.com	unknown	unknown	No data	No data	1.3 kB	13 kB	199.34.228.54
is.gd	51320	2007-09-12	2014-05-30 19:06:36	2023-11-28 05:10:21	478 B	4.2 kB	104.25.233.53
cdn1.editmysite.com	56529	1999-09-10	2012-05-23 08:23:09	2023-11-29 09:03:22	757 B	5.1 kB	151.101.65.46
cdn2.editmysite.com	11564	1999-09-10	2012-10-02 20:27:39	2023-11-29 11:13:44	1.0 kB	93 kB	151.101.1.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-30 01:47:44	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (is .gd)
2023-11-30 01:47:44	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (is .gd)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-29	medium	68768zyvnx9976.weebly.com/	AT&T Inc.
2023-11-29	medium	68768zyvnx9976.weebly.com/	AT&T Inc.
2023-11-29	medium	is.gd/X5F3wl	AT&T Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2023-11-29	medium	68768zyvnx9976.weebly.com/	Other
2023-11-29	medium	68768zyvnx9976.weebly.com/	Other
2023-11-29	medium	is.gd/X5F3wl	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (8)

URL IP Response Size

68768zyvnx9976.weebly.com/

199.34.228.54

404 Not Found

3.9 kB

URL User Request GET HTTP/1.1
68768zyvnx9976.weebly.com/
IP
199.34.228.54:80
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size
3.9 kB (3909 bytes)
Hash
b3778a67b80e0de435eaa57b0f226eac
38f969b123df8b929c78c37dc992fee3a9311938
f2f850049897f515d06831c0bed6b360f6eca44b7edfaeeb738d082011308ab0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: 68768zyvnx9976.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 30 Nov 2023 01:47:41 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=68768zyvnx9976.weebly.com
language=en; expires=Thu, 14-Dec-2023 01:47:41 GMT; Max-Age=1209600; path=/
Cache-Control: private
X-Host: grn86.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3909
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

68768zyvnx9976.weebly.com/

199.34.228.53

404 Not Found

3.9 kB

URL User Request GET HTTP/1.1
68768zyvnx9976.weebly.com/
IP
199.34.228.53:80
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size
3.9 kB (3909 bytes)
Hash
b3778a67b80e0de435eaa57b0f226eac
38f969b123df8b929c78c37dc992fee3a9311938
f2f850049897f515d06831c0bed6b360f6eca44b7edfaeeb738d082011308ab0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: 68768zyvnx9976.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: is_mobile=0; language=en
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 30 Nov 2023 01:47:42 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: language=en; expires=Thu, 14-Dec-2023 01:47:42 GMT; Max-Age=1209600; path=/
Cache-Control: private
X-Host: blu156.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3909
Keep-Alive: timeout=10, max=48
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

is.gd/X5F3wl

104.25.233.53

301 Moved Permanently

3.9 kB

URL User Request GET HTTP/2
is.gd/X5F3wl
IP
104.25.233.53:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:A2:BC:F5:85:27:A8:94:26:9A:52:3D:7D:E1:5B:A6:F4:8D:08:A9
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size
3.9 kB (3909 bytes)
Hash
b3778a67b80e0de435eaa57b0f226eac
38f969b123df8b929c78c37dc992fee3a9311938
f2f850049897f515d06831c0bed6b360f6eca44b7edfaeeb738d082011308ab0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	Other

HTTP Headers

GET /X5F3wl HTTP/1.1
Host: is.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 30 Nov 2023 01:47:40 GMT
content-type: text/html; charset=UTF-8
location: https://68768zyvnx9976.weebly.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82df6c7a99ba56a4-OSL
X-Firefox-Spdy: h2

cdn1.editmysite.com/images/weebly-logo-blue.png

151.101.65.46

200 OK

3.7 kB

URL GET HTTP/1.1
cdn1.editmysite.com/images/weebly-logo-blue.png
IP
151.101.65.46:80
ASN
#54113 FASTLY

Requested by
http://68768zyvnx9976.weebly.com/

File type
PNG image data, 174 x 62, 8-bit colormap, non-interlaced\012- data
Size
3.7 kB (3740 bytes)
Hash
6907726ede4fc851beeafb7b9ff6eeb9
86b1e9af4a07e02a426ec9475e37a13dfcedcb3c
2b37ca56c61b7f2f892d75655cc37699ef847dd9139c94171414e5f92ffd97ed

HTTP Headers

GET /images/weebly-logo-blue.png HTTP/1.1
Host: cdn1.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://68768zyvnx9976.weebly.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3740
Server: nginx
Content-Type: image/png
Last-Modified: Wed, 22 Nov 2023 22:50:34 GMT
ETag: "655e85ba-e9c"
Expires: Fri, 24 Nov 2023 12:30:05 GMT
Cache-Control: max-age=300
X-Host: grn154.sf2p.intern.weebly.net
Access-Control-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 30 Nov 2023 01:47:42 GMT
Age: 480157
X-Served-By: cache-sjc10042-SJC, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3639, 1
X-Timer: S1701308862.404659,VS0,VE5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn1.editmysite.com/developer/none.ico

151.101.65.46

65 B

URL GET
cdn1.editmysite.com/developer/none.ico
IP
151.101.65.46:0
ASN
#54113 FASTLY

Requested by
http://68768zyvnx9976.weebly.com/

File type
MS Windows icon resource - 1 icon, 16x16\012- data
Size
65 B (65 bytes)
Hash
199783f9459a960310d18ee4dd251027
67c08624719a35553c34083112804cafd8ce6ee6
29bd61683747e9288f62407525d5ed4dccf3feaad2684bbb2c2df41f6027e4db

HTTP Headers

GET /developer/none.ico HTTP/1.1
Host: cdn1.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://68768zyvnx9976.weebly.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 65
Server: nginx
Content-Type: image/x-icon
Last-Modified: Wed, 22 Nov 2023 22:50:34 GMT
ETag: "655e85ba-57e"
Expires: Tue, 28 Nov 2023 08:21:53 GMT
Cache-Control: max-age=300
X-Host: grn107.sf2p.intern.weebly.net
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 30 Nov 2023 01:47:42 GMT
Age: 149448
X-Served-By: cache-sjc10061-SJC, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 928
X-Timer: S1701308862.426253,VS0,VE0
Vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/components/ui-framework/fonts/proxima-nova-semibold/31AC96_2_0.woff

151.101.1.46

200 OK

46 kB

URL GET HTTP/1.1
cdn2.editmysite.com/components/ui-framework/fonts/proxima-nova-semibold/31AC96_2_0.woff
IP
151.101.1.46:80
ASN
#54113 FASTLY

Requested by
http://68768zyvnx9976.weebly.com/

File type
Web Open Font Format, TrueType, length 45516, version 0.0\012- data
Size
46 kB (45516 bytes)
Hash
861dfbee66a135b4421ba3f0f3bc297f
1b379173b64e92893538ff39da0b16410dd5f653
abbc659e9c167b41e012d7b7d7f8cf22d4edd74a7ffb85704e213b1418c8b177

HTTP Headers

GET /components/ui-framework/fonts/proxima-nova-semibold/31AC96_2_0.woff HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://68768zyvnx9976.weebly.com
DNT: 1
Connection: keep-alive
Referer: http://68768zyvnx9976.weebly.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 45516
Server: nginx
Content-Type: font/woff
Last-Modified: Wed, 22 Nov 2023 22:52:01 GMT
ETag: "655e8611-b1cc"
Expires: Sun, 10 Dec 2023 21:17:32 GMT
Cache-Control: max-age=1209600
X-Host: grn96.sf2p.intern.weebly.net
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 30 Nov 2023 01:47:42 GMT
Age: 275410
X-Served-By: cache-sjc1000141-SJC, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 52, 1
X-Timer: S1701308862.439970,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/components/ui-framework/fonts/proxima-nova-regular/31AC96_1_0.woff

151.101.1.46

200 OK

46 kB

URL GET HTTP/1.1
cdn2.editmysite.com/components/ui-framework/fonts/proxima-nova-regular/31AC96_1_0.woff
IP
151.101.1.46:80
ASN
#54113 FASTLY

Requested by
http://68768zyvnx9976.weebly.com/

File type
Web Open Font Format, TrueType, length 46052, version 0.0\012- data
Size
46 kB (46052 bytes)
Hash
61f3bc4fc6146cc65961a8c8e917855a
02e25e22cf1c0a26d838a477b1f21bf33b71ca38
aabc1a485e0941f1e2927b6a4beed2b368431466977483068bbe367de253a05c

HTTP Headers

GET /components/ui-framework/fonts/proxima-nova-regular/31AC96_1_0.woff HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://68768zyvnx9976.weebly.com
DNT: 1
Connection: keep-alive
Referer: http://68768zyvnx9976.weebly.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 46052
Server: nginx
Content-Type: font/woff
Last-Modified: Wed, 22 Nov 2023 22:52:01 GMT
ETag: "655e8611-b3e4"
Expires: Tue, 12 Dec 2023 14:32:40 GMT
Cache-Control: max-age=1209600
X-Host: blu33.sf2p.intern.weebly.net
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 30 Nov 2023 01:47:42 GMT
Age: 126902
X-Served-By: cache-sjc1000121-SJC, cache-bma1645-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 87, 4
X-Timer: S1701308862.444638,VS0,VE0
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

68768zyvnx9976.weebly.com/gdpr/gdprscript.js?buildTime=1701293230

199.34.228.53

404 Not Found

3.9 kB

URL GET HTTP/1.1
68768zyvnx9976.weebly.com/gdpr/gdprscript.js?buildTime=1701293230
IP
199.34.228.53:80
ASN
#27647 WEEBLY

Requested by
http://68768zyvnx9976.weebly.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4384), with no line terminators
Size
3.9 kB (3909 bytes)
Hash
65cd677ae79d09d457fda34855993aa8
be6781856f01ed1bd60cdb917c40f4c14b6556c5
603f8af298b7bd1a9b462ba7e7f7c773ab2ddd5d74cc7aaf113bd8d4100921e5

HTTP Headers

GET /gdpr/gdprscript.js?buildTime=1701293230 HTTP/1.1
Host: 68768zyvnx9976.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://68768zyvnx9976.weebly.com/
Cookie: is_mobile=0; language=en
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 30 Nov 2023 01:47:42 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: language=en; expires=Thu, 14-Dec-2023 01:47:42 GMT; Max-Age=1209600; path=/
Cache-Control: private
X-Host: blu64.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3909
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (8)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers