Report - shaw-107692.weeblysite.com/

Report Overview

Visited public
2024-09-05 05:48:02
Tags
URL
shaw-107692.weeblysite.com/
Finishing URL
shaw-107692.weeblysite.com/
IP / ASN
74.115.51.55
#27647 WEEBLY
Title
404 - Page Not Found

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-04 18:12:06	1.3 kB	3.5 kB	23.36.77.32
shaw-107692.weeblysite.com	unknown	unknown	No data	No data	1.7 kB	14 kB	74.115.51.54
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-04 18:12:09	654 B	1.8 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-08-14	medium	shaw-107692.weeblysite.com/	Shaw Communications
2024-08-14	medium	shaw-107692.weeblysite.com/	Shaw Communications
2024-08-14	medium	shaw-107692.weeblysite.com/	Shaw Communications

PhishTank

Scan Date	Severity	Indicator	Alert
2024-07-14	medium	shaw-107692.weeblysite.com/	Other
2024-07-14	medium	shaw-107692.weeblysite.com/favicon.ico	Other
2024-07-14	medium	shaw-107692.weeblysite.com/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (9)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8d2e6150f7d0845dc26f5bd5cd6f28dd
6aad5091620585a5f76065c1888456ee70b88257
ed538ea400323f4c987f91c0b0afc79a8526b62f7aa317dd62bd107cb37850a2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "ED538EA400323F4C987F91C0B0AFC79A8526B62F7AA317DD62BD107CB37850A2"
Last-Modified: Tue, 03 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Thu, 05 Sep 2024 06:49:03 GMT
Date: Thu, 05 Sep 2024 05:47:37 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
60ab18bb1e8dadb29ada046753dbc185
3d30d0b2ba9061fbd90500510f6f514476a1413f
50ed93ddadd4c6c89fbf4bfa5bc29814434ab19ed98c11f4b558b68b570d49f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "50ED93DDADD4C6C89FBF4BFA5BC29814434AB19ED98C11F4B558B68B570D49F2"
Last-Modified: Thu, 05 Sep 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17183
Expires: Thu, 05 Sep 2024 10:34:00 GMT
Date: Thu, 05 Sep 2024 05:47:37 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
1f0091b166a0138433eabf08a4530e4a
769d1eeaefb4987198c821ea98e06ea8ba0de215
2eff28e3e6829bf2cfcbc417fd76313d5b5e8ba8a3f0f0de6a5b5cdc2888e7e5

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2EFF28E3E6829BF2CFCBC417FD76313D5B5E8BA8A3F0F0DE6A5B5CDC2888E7E5"
Last-Modified: Mon, 02 Sep 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6771
Expires: Thu, 05 Sep 2024 07:40:28 GMT
Date: Thu, 05 Sep 2024 05:47:37 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cabaaa7c3e6a621cc5836be05eee4924
c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8
2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C"
Last-Modified: Mon, 02 Sep 2024 14:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8605
Expires: Thu, 05 Sep 2024 08:11:02 GMT
Date: Thu, 05 Sep 2024 05:47:37 GMT
Connection: keep-alive

shaw-107692.weeblysite.com/

74.115.51.54

301 Moved Permanently

167 B

URL User Request GET HTTP/1.1
shaw-107692.weeblysite.com/
IP
74.115.51.54:80
ASN
#27647 WEEBLY

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Shaw Communications
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: shaw-107692.weeblysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 05 Sep 2024 05:47:38 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 05 Sep 2024 06:47:38 GMT
Location: https://shaw-107692.weeblysite.com/
Set-Cookie: __cf_bm=bGaQKEF5bI9Bw6o4Zny.nvXYXgX0Yzr7s2gLTycrEHE-1725515258-1.0.1.1-Gn9zdvW8w5Xqa55bFEyzYXmf8ulWzIr8IPgXppFII0VllzbfhnyYju9UyczpZIFnfVRkN8D9YdazI7A3NaSiwA; path=/; expires=Thu, 05-Sep-24 06:17:38 GMT; domain=.weeblysite.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8be3ecfd6fbcbe35-CPH

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c96a4972e341191f93e963880196f8e1
8318aa6dcbdababe8728023ec9ef3aaac10917a9
dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A"
Last-Modified: Mon, 02 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2574
Expires: Thu, 05 Sep 2024 06:30:33 GMT
Date: Thu, 05 Sep 2024 05:47:39 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c96a4972e341191f93e963880196f8e1
8318aa6dcbdababe8728023ec9ef3aaac10917a9
dd8f73d55d492ad4e3fc3915c05ecfc6883f124c050dded51f4e43292e6b8c2a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DD8F73D55D492AD4E3FC3915C05ECFC6883F124C050DDED51F4E43292E6B8C2A"
Last-Modified: Mon, 02 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2574
Expires: Thu, 05 Sep 2024 06:30:33 GMT
Date: Thu, 05 Sep 2024 05:47:39 GMT
Connection: keep-alive

shaw-107692.weeblysite.com/favicon.ico

74.115.51.54

200 OK

1 B

URL GET HTTP/2
shaw-107692.weeblysite.com/favicon.ico
IP
74.115.51.54:443
ASN
#27647 WEEBLY

Requested by
https://shaw-107692.weeblysite.com/
Certificate
IssuerGoogle Trust Services
Subjectweeblysite.com
Fingerprint71:8B:F0:DD:30:B9:6B:17:65:D9:4B:90:C6:27:79:5E:EE:3B:44:13
ValidityWed, 28 Aug 2024 00:11:44 GMT - Tue, 26 Nov 2024 00:51:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Shaw Communications
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shaw-107692.weeblysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shaw-107692.weeblysite.com/
Cookie: __cf_bm=zxyGf4FbwIPqdNhR2SW8xeKaDXN5pA.jegu5gyo0y1o-1725515258-1.0.1.1-dFLBsO9POlformVDKCUmCYeVo3DOWQIJMeJRaR7utFZe_GLayc24pUFD1b2wlPRGASlFqj2Dozt..d2JCBqaXw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Sep 2024 05:47:39 GMT
content-type: application/octet-stream
content-length: 1
cf-ray: 8be3ed031c2392e0-CPH
cf-cache-status: DYNAMIC
accept-ranges: bytes
cache-control: max-age=315360000
etag: "93b885adfe0da089cdf634904fd59f71"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 19 Apr 2024 14:14:31 GMT
x-amz-id-2: ImAR51mOXXE5Ga3a840bWCOyEeDXZndU+uDx5uoDlvAJIxj+InnkvakRiNhGmDsWIuvW0yUJ+vE=
x-amz-meta-btime: 2020-04-14T20:17:36.335Z
x-amz-meta-mtime: 1586895456.335
x-amz-meta-s3cmd-attrs: atime:1586895392/ctime:1586718963/gid:0/gname:root/md5:93b885adfe0da089cdf634904fd59f71/mode:33188/mtime:1586718963/uid:0/uname:root
x-amz-replication-status: COMPLETED
x-amz-request-id: XERB7EDZKW7FTRRK
x-amz-server-side-encryption: AES256
x-amz-version-id: LIuOJbwgSQemh6x.q7c7_xVGy0VqgnYt
x-host: grn73.sf2p.intern.weebly.net
x-request-id: 749372fe95b9754d6390f1a04958289a
x-revision: 3b25982caea876fbad9d110e83f5ec516f7d1b3a
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

shaw-107692.weeblysite.com/

74.115.51.54

301 Moved Permanently

11 kB

URL User Request GET HTTP/1.1
shaw-107692.weeblysite.com/
IP
74.115.51.54:80
ASN
#27647 WEEBLY

File type
gzip compressed data, from Unix
Size
11 kB (11426 bytes)
Hash
79d8cd142a807ef3b1f8f8b760148252
4ac7c836758a6bf141f562b1cb97d21a1c6bb20a
2e48b03b3017f62d952be112d2aee637c52df8f5922b23c04886475acfbfe869

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Shaw Communications
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: shaw-107692.weeblysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=zxyGf4FbwIPqdNhR2SW8xeKaDXN5pA.jegu5gyo0y1o-1725515258-1.0.1.1-dFLBsO9POlformVDKCUmCYeVo3DOWQIJMeJRaR7utFZe_GLayc24pUFD1b2wlPRGASlFqj2Dozt..d2JCBqaXw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Thu, 05 Sep 2024 05:47:39 GMT
content-type: text/html; charset=UTF-8
cf-ray: 8be3ecfdbfcc92e0-CPH
cf-cache-status: DYNAMIC
cache-control: no-cache, private
vary: Accept-Encoding
x-host: blu99.sf2p.intern.weebly.net
x-request-id: 34bc6434e9f78848d7b49c42bb2ccf02
x-revision: 3b25982caea876fbad9d110e83f5ec516f7d1b3a
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (9)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash