302 Found 620 B URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectshorturl.at
Fingerprint61:4A:21:D7:26:F9:4D:8D:15:1B:81:8E:91:CE:0E:3A:25:ED:79:07
ValidityThu, 20 Apr 2023 00:59:49 GMT - Wed, 19 Jul 2023 00:59:48 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 609283f0abd216f052c6b32877678dfb
990ea8c9bac587ffc680dfdcaf54706c0ee3288b
2c02a57d702cb0cf240374bb61b7724b408b998b9cd9825bc0e55f74f27cc10d
GET /biADS HTTP/1.1
Host: www.shorturl.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 31 May 2023 11:54:03 GMT
content-type: text/html; charset=UTF-8
location: https://att-106900.weeblysite.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpzbQkkmhF8m1R3nctDm1d%2B7frKhSYSeOfQIaAC3rSpfyBfQT8qXZX1OoM%2Ff1SnHvG4m1xdVRO5v39QCQoP24ILjYpFbOMeakBPo75cUk0Lo2Hi5YZj5hGCt9vc4WOfw6CA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cff0516be60b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
att-106900.weeblysite.com/
302 Found 378 B URL User Request GET HTTP/1.1 att-106900.weeblysite.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 017c5837600531bdc942cea31374cd82
321f0fb2ce95f1db832c33735cb61c355c4a3d94
d2d1ec031a634483aeb4ff52e015784f642cdbba554009412232ddc5365c3303
Analyzer Verdict Alert openphish AT&T Inc.
phishtank Other
GET / HTTP/1.1
Host: att-106900.weeblysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: publishedsite-xsrf=eyJpdiI6ImFGWWJqd05pZFgrbHp5YXdQV0Q2ZEE9PSIsInZhbHVlIjoiTDFNclNQcHRkL3pJM2s1bmZ1blByQ2RiZDllU25CV1A1ZnRpclFQbHppSmxTU3JDdysrdVNYaU0ybVRCQ1VVTEQvbHZhQkJFVDQ3YWJjRzJobzd2NCtyTDlHRnNEcFFuNzRzUHZ2T1VwUWF4Zkh0QlcwZGRyVnZjR25PRXUvQkYiLCJtYWMiOiI5MjRiZGJkMWUyMzc4MDIzNDlhN2ZkNTNhOGNiZmYwNjczZTA0MTA2ODViNjJlMTI3YzVkMzNkZDdjODdkZjQ2IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6ImljWTRWWEMrZTBlbHoyVFRHWmdvVkE9PSIsInZhbHVlIjoiNU03ckh5bmt4QUJnSTZmV00wZHJVamEvcUtGZ2tWWXNCdWNwT1BWOER1bUhONnNMYWpGQi80NnBFbXhHSGpCTE51UjlkUVY4RjZGTyt3UU95RERiQ3VTTEF2ZUk0YjJSSU1jVzFaQStFZmFzNStpdXlpMWZkUXB6TlhlZkx0UmYiLCJtYWMiOiI3ZTFhY2QxYWZkMDY1N2VjMThjMjRjZDI3N2JkZmJjNzRkNzFmZWU4ZWZlM2E1ZWRmNGJmODI2ZjA5ZTYyODVhIiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6ImZ3aE9HT0xUWlpiVkxLK3puVWVhU2c9PSIsInZhbHVlIjoidkdTZVo0WUs1TmVtVWdTdTdzQ3NaZGpTM0l5YXZVb1N0QzRLcFllNnVPMDYvbUtxTXR2ekRCdUVHU1VrclM4UVRWYWZ0Y3ZRRGRxVENLT0ZUV08vYTRTSHp4dEtMUXdzTFhxMVZBQWRWM0diWVkxTkk2YmRNc2NNOG9KVEpvTjUiLCJtYWMiOiJjNjQ0MGM4ZjYwMWQyZTIzMzFhZTkyNmMyMzcxMTU2MzM3ZDMxNzEyNmNmNDMzNDRhMDk0YjljNTAxMzA1NTg0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Wed, 31 May 2023 11:54:04 GMT
Location: https://att-106900.weeblysite.com
Set-Cookie: publishedsite-xsrf=eyJpdiI6IkxKcVk1UVdwMWRwTHNrSHhsTkdaK0E9PSIsInZhbHVlIjoidFllZ3Mvbm5sd0o3bkQvcGtoSGYza1UyOUxqNFdwbXdDaVAzR0c0a2lVVG1JVE5BSDNSWDUzbmNNT3ZlN1JwU2pkcGR2Y0FLYVFoc1l2RUFUaXhCOWRBTENLZzYzajRrVHlPa1FRQURpSGJQQitIb3ErVWhnZWZLVkJWVVd5OFQiLCJtYWMiOiIxN2Q5ZDY3ZDE4Njk1OWExODE1MDEzNzkyMTUzZDUyNTZkODc2NzAyMTU0Y2QzYTQ2NGJhZmVlNjU4MzFjYzlhIiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 11:54:04 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6InVRVXhud2tZNnBZeHlaenY2M3lGR3c9PSIsInZhbHVlIjoiencwUG5pRlVrUXNDUUJJYUlVLzh1UzRGcDlFV2o0OE1YWGxkdThadkt0NnVBYnA4U1ZaMmZMNVA0QytLTkVFSEhXclVGa1EzT0FHdkRUOGpDV2lKakpSWXBkcU5Mb0UrdnpzV3U1MUc2MThrZlVQNGJ3blIzTHp3N1pQcm5JZysiLCJtYWMiOiI2YWNhNWMzMzM0ZTAzN2I0NzBmZjA4YzU2NTQ0Nzc3YmM5MWNlNDdhOWZhYjNkM2Y3MmU3MDVlYzZjNjEzMTFjIiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 11:54:04 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6IlFOZEh4Y3ZLWGlpbWlSQmgzWkdQcmc9PSIsInZhbHVlIjoieTdGdDRSeDZXc1hwQko0L2RBeVcxK1dzVkQyWHRma0djTUxjVlNzUFh1K1ErYXlFeDdGOThDMnNMMzkzT1N3WitkUGFIaThpMW4vc1ZmdW1aVFRZVEhQRHFIazBtblVSb0FEZTFveVlUOC9rVlJTVVdobjZJUFZlc1FJZWd3a0siLCJtYWMiOiJhMDljYTRjZDg2Yjg2Yzk1MzZlZTk2MDkyYjliNmYyMDcwODEwNjc4NjcwNTkzNWRkYzY4M2E2ZTFjZjFjYTg4IiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 11:54:04 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: blu144.sf2p.intern.weebly.net
X-Revision: 8c4d74a243e322c634911b9f36b7882f0f64d5eb
X-Request-ID: 0976221c5a0a808a7b7c41fb4465a903
att-106900.weeblysite.com/
302 Found 620 B URL User Request GET HTTP/1.1 att-106900.weeblysite.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4ab3afbd307181710d091b0e0b85659d
3319797ce01dc575306a3a715ec73e194ccdf5f5
d3b3704e8166def9d7cfa04fb25502d0844a792904b96b2551b58ef106cd65a2
Analyzer Verdict Alert openphish AT&T Inc.
phishtank Other
GET / HTTP/1.1
Host: att-106900.weeblysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: publishedsite-xsrf=eyJpdiI6IkxKcVk1UVdwMWRwTHNrSHhsTkdaK0E9PSIsInZhbHVlIjoidFllZ3Mvbm5sd0o3bkQvcGtoSGYza1UyOUxqNFdwbXdDaVAzR0c0a2lVVG1JVE5BSDNSWDUzbmNNT3ZlN1JwU2pkcGR2Y0FLYVFoc1l2RUFUaXhCOWRBTENLZzYzajRrVHlPa1FRQURpSGJQQitIb3ErVWhnZWZLVkJWVVd5OFQiLCJtYWMiOiIxN2Q5ZDY3ZDE4Njk1OWExODE1MDEzNzkyMTUzZDUyNTZkODc2NzAyMTU0Y2QzYTQ2NGJhZmVlNjU4MzFjYzlhIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6InVRVXhud2tZNnBZeHlaenY2M3lGR3c9PSIsInZhbHVlIjoiencwUG5pRlVrUXNDUUJJYUlVLzh1UzRGcDlFV2o0OE1YWGxkdThadkt0NnVBYnA4U1ZaMmZMNVA0QytLTkVFSEhXclVGa1EzT0FHdkRUOGpDV2lKakpSWXBkcU5Mb0UrdnpzV3U1MUc2MThrZlVQNGJ3blIzTHp3N1pQcm5JZysiLCJtYWMiOiI2YWNhNWMzMzM0ZTAzN2I0NzBmZjA4YzU2NTQ0Nzc3YmM5MWNlNDdhOWZhYjNkM2Y3MmU3MDVlYzZjNjEzMTFjIiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IlFOZEh4Y3ZLWGlpbWlSQmgzWkdQcmc9PSIsInZhbHVlIjoieTdGdDRSeDZXc1hwQko0L2RBeVcxK1dzVkQyWHRma0djTUxjVlNzUFh1K1ErYXlFeDdGOThDMnNMMzkzT1N3WitkUGFIaThpMW4vc1ZmdW1aVFRZVEhQRHFIazBtblVSb0FEZTFveVlUOC9rVlJTVVdobjZJUFZlc1FJZWd3a0siLCJtYWMiOiJhMDljYTRjZDg2Yjg2Yzk1MzZlZTk2MDkyYjliNmYyMDcwODEwNjc4NjcwNTkzNWRkYzY4M2E2ZTFjZjFjYTg4IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 31 May 2023 11:54:04 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IndyTkdOOWRJckFPbVhXcmxGWWNnNnc9PSIsInZhbHVlIjoiTWd4SXY2VGlQY1ZlK1E4OGhqamVRcFY4WVVYUkFjbExBdmZreHFNUFdxS29UT1hEcUZzdGpCeTV0a3gvZkh5RHJ5akFlZDFNbUQrT2hmellkZ0RjWXNwMFdLRXlYVlR6aWdGS1VaL0FnQklBZnQrQy9wVGZweHhadklPYTZZL1oiLCJtYWMiOiI5ZjJmZTU4MmEwZTgxNTA5ODQ4MDdkYWI2NDQ1NTIzODVlOTA3OGQ0MmZmMjM0MDU5YTBiZGIwMWIyOTNiNTExIiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 11:54:04 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6InA0Q2x3elZUMGJ6eDhoZFFoQ21sQlE9PSIsInZhbHVlIjoiYXMvVmF1a0R5dDhDS09pRVhFUFYrSlV1QktFYytDWDNIaWRoZ05iSFhJSFRNcUtteDBjU3RrMk9KR245WnZaUW5vbkFuT3F0WU1YLzV0R2FTMWhWQ2Y2VGJxVVBENHNXUTBGc2liR3pmSEwvdzhGcFhhaTE1LzNPL2xnOCtmM3QiLCJtYWMiOiJiNDg0MGM0MWRhY2EyYmFlNTdhODA2NjViM2I5ZDdkZTIwYjI0NDgyOTNlNzU3MTllNDI5ZDBiMDAzOTlhYTE2IiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 11:54:04 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6IlVDM1BZNE8zaGRSb2FZZ1NSWHQreEE9PSIsInZhbHVlIjoiWXVjVi9rNGt3S3JJeCtWMGw5dE9mRmxVeFpKM0RKQURVamdJbkpRcGsrOURuL1lvYWNlRjZtNHRmbHBKUFRxSGVoZDlHZ1lpek5WUnlQbFIxRUtvTEpHRWZhdnpSc05KTlBNRGlCeVY0RHFpYnBUOFBYbXVCSTZMTGZ1L09mQjgiLCJtYWMiOiJjMWFiZDIyNTBhNjY0MmU1YTU0ZTZiMTE1Nzk5NGNiMTI3ZDcyOTA2ZjVhNzYyOWM4NmFlNDM0MTgwNDRiMTkzIiwidGFnIjoiIn0%3D; expires=Wed, 14-Jun-2023 11:54:04 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn61.sf2p.intern.weebly.net
X-Revision: 8c4d74a243e322c634911b9f36b7882f0f64d5eb
X-Request-ID: f811a5c23a8ca6b2ba1a6a5381385628
Content-Encoding: gzip
att-106900.weeblysite.com/favicon.ico
200 OK 1 B URL GET HTTP/1.1 att-106900.weeblysite.com/favicon.ico
IP
Requested by https://att-106900.weeblysite.com/
Certificate IssuerDigiCert Inc
Subject*.weebly.com
FingerprintEC:EB:B0:E9:41:98:A4:F2:3D:FD:73:D6:9C:73:6B:17:5E:50:3E:C6
ValidityWed, 09 Nov 2022 00:00:00 GMT - Fri, 10 Nov 2023 23:59:59 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert openphish AT&T Inc.
phishtank Other
GET /favicon.ico HTTP/1.1
Host: att-106900.weeblysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://att-106900.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndyTkdOOWRJckFPbVhXcmxGWWNnNnc9PSIsInZhbHVlIjoiTWd4SXY2VGlQY1ZlK1E4OGhqamVRcFY4WVVYUkFjbExBdmZreHFNUFdxS29UT1hEcUZzdGpCeTV0a3gvZkh5RHJ5akFlZDFNbUQrT2hmellkZ0RjWXNwMFdLRXlYVlR6aWdGS1VaL0FnQklBZnQrQy9wVGZweHhadklPYTZZL1oiLCJtYWMiOiI5ZjJmZTU4MmEwZTgxNTA5ODQ4MDdkYWI2NDQ1NTIzODVlOTA3OGQ0MmZmMjM0MDU5YTBiZGIwMWIyOTNiNTExIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6InA0Q2x3elZUMGJ6eDhoZFFoQ21sQlE9PSIsInZhbHVlIjoiYXMvVmF1a0R5dDhDS09pRVhFUFYrSlV1QktFYytDWDNIaWRoZ05iSFhJSFRNcUtteDBjU3RrMk9KR245WnZaUW5vbkFuT3F0WU1YLzV0R2FTMWhWQ2Y2VGJxVVBENHNXUTBGc2liR3pmSEwvdzhGcFhhaTE1LzNPL2xnOCtmM3QiLCJtYWMiOiJiNDg0MGM0MWRhY2EyYmFlNTdhODA2NjViM2I5ZDdkZTIwYjI0NDgyOTNlNzU3MTllNDI5ZDBiMDAzOTlhYTE2IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IlVDM1BZNE8zaGRSb2FZZ1NSWHQreEE9PSIsInZhbHVlIjoiWXVjVi9rNGt3S3JJeCtWMGw5dE9mRmxVeFpKM0RKQURVamdJbkpRcGsrOURuL1lvYWNlRjZtNHRmbHBKUFRxSGVoZDlHZ1lpek5WUnlQbFIxRUtvTEpHRWZhdnpSc05KTlBNRGlCeVY0RHFpYnBUOFBYbXVCSTZMTGZ1L09mQjgiLCJtYWMiOiJjMWFiZDIyNTBhNjY0MmU1YTU0ZTZiMTE1Nzk5NGNiMTI3ZDcyOTA2ZjVhNzYyOWM4NmFlNDM0MTgwNDRiMTkzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 May 2023 11:54:04 GMT
Content-Type: application/octet-stream
Content-Length: 1
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 20:17:36 GMT
x-rgw-object-type: Normal
ETag: "93b885adfe0da089cdf634904fd59f71"
x-amz-meta-s3cmd-attrs: atime:1586895392/ctime:1586718963/gid:0/gname:root/md5:93b885adfe0da089cdf634904fd59f71/mode:33188/mtime:1586718963/uid:0/uname:root
x-amz-request-id: tx000000000000001aa7166-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn147.sf2p.intern.weebly.net
X-Revision: 8c4d74a243e322c634911b9f36b7882f0f64d5eb
X-Request-ID: 24ac87c7ba9805cab6541a6b4d77bfc8
301 Moved Permanently 1.6 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectshorturl.at
Fingerprint00:99:67:07:C3:D5:92:11:D1:76:EE:F2:96:23:06:A3:7C:2A:5F:AF
ValidityThu, 06 Apr 2023 05:47:01 GMT - Wed, 05 Jul 2023 05:47:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish AT&T Inc.
phishtank Other
GET /biADS HTTP/1.1
Host: shorturl.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 31 May 2023 11:54:02 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.shorturl.at/biADS
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4T0MR2bTJEKc6QAJdCT6lCoUopZS8hXh0Lgt%2FO01FyHenfA8LwcXNJBKtqj1Pn5FwU8EvMOQQqg8harqJKMBIXtut5BC7KDkfMs72zES8qkRgyNFFEx%2Bivg%2FSmDLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cff0514cf33067b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.95.58
188.114.96.1
199.34.228.96