{"report_id":"141fa534-6904-4232-be59-ea7bd68afe36","version":6,"status":"done","tags":[],"date":"2026-04-01T00:20:21Z","url":{"schema":"http","addr":"att.yorkss.com","fqdn":"att.yorkss.com","domain":"yorkss.com","tld":"com"},"ip":{"addr":"216.58.201.243","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"att.yorkss.com/","fqdn":"att.yorkss.com","domain":"yorkss.com","tld":"com"},"title":"AT\u0026T Plan Optimizer","dom":{"size":689,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"002fe66107b882b17ce77e07e1f619f8","sha1":"bc780e2283ce2550d312c26fe1c9e0918941bfe1","sha256":"fa4d249b2736fd3c62b6009c4f82c051544441cc49fe59f241d9959da937124d","sha512":"d6baeedd9c495dc306dab0a87c36405865e49e3645d4601514d3189a797a5f109f4e9c04873398c98833cc5d26f11c639ef628ebe6456a22e12f85471cbeb446","ssdeep":"","tlshash":"1a01dda984f19901150261d89dc371644f80a80713461d0575ecc7f5efd0f5283cb2ee","dom_hash":"domhash6b7de9c769f747245cac0530e9302b80","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"att.yorkss.com","fqdn":"att.yorkss.com","domain":"yorkss.com","tld":"com"},"ip":{"addr":"216.58.201.243","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-06T00:20:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"att.yorkss.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"att.yorkss.com","ip":{"addr":"142.251.143.147","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2009-07-29","domain_rank":0,"first_seen":"2026-04-01T00:20:21.457669Z","last_seen":"2026-04-01T00:20:21.45767Z","alert_count":9,"request_count":3,"received_data":5800,"sent_data":1352,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"att.yorkss.com/","fqdn":"att.yorkss.com","domain":"yorkss.com","tld":"com"},"ip":{"addr":"142.251.143.147","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:20:00.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"att.yorkss.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 11:24:07 GMT","end":"Sun, 28 Jun 2026 12:12:58 GMT"},"fingerprint":{"sha1":"98:FC:5A:69:0A:F6:09:C3:F0:75:A0:C4:D5:F6:19:1C:A9:10:F1:8A","sha256":"10:02:F1:9E:90:C4:79:7A:6E:29:AF:C8:45:33:CD:2B:E7:EC:39:24:3C:AE:9F:28:3F:1C:9F:EC:F0:85:A5:7E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: att.yorkss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=utf-8\r\nx-cloud-trace-context: 29e0c2d4f99ecbaf7cde6f09a8f38d40\r\ndate: Wed, 01 Apr 2026 00:20:00 GMT\r\nserver: Google Frontend\r\ncontent-length: 701\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":701,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"3a0b82dc13036a42398becb7a4c4ffe5","sha1":"8f7212057e385ffdfef5736345d95e598d4e326b","sha256":"bc5f06bd2fb9a76f1a46418a210a34eff0d74e0d76dba2cd83da3eef81c03528","sha512":"64ccd40de356c83800f91d1506823a052a50f07e57681e3169bce4a86a0ce2d1b52d3bbf11b06042f296f8eb4d0dfa9bd4a41bef1c9c5e9f732ccbb3db3906e7","ssdeep":"","tlshash":"dd01496584e1da40110151e8aac262288f80e947034a1d0975ec96f9efd4f5587ef6d9","first_seen":"2026-04-01T00:20:25.561067Z","last_seen":"2026-04-01T04:46:33.859122Z","times_seen":2,"resource_available":true,"data":null}},"time_used":924,"timings":{"blocked":388,"dns":156,"connect":8,"send":0,"wait":148,"receive":0,"ssl":220},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"att.yorkss.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"att.yorkss.com/static/styles.css","fqdn":"att.yorkss.com","domain":"yorkss.com","tld":"com"},"ip":{"addr":"142.251.143.147","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://att.yorkss.com/","date":"2026-04-01T00:20:00.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"att.yorkss.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 11:24:07 GMT","end":"Sun, 28 Jun 2026 12:12:58 GMT"},"fingerprint":{"sha1":"98:FC:5A:69:0A:F6:09:C3:F0:75:A0:C4:D5:F6:19:1C:A9:10:F1:8A","sha256":"10:02:F1:9E:90:C4:79:7A:6E:29:AF:C8:45:33:CD:2B:E7:EC:39:24:3C:AE:9F:28:3F:1C:9F:EC:F0:85:A5:7E"}}},"request":{"raw":"GET /static/styles.css HTTP/1.1\r\nHost: att.yorkss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://att.yorkss.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-disposition: inline; filename=styles.css\r\ncontent-type: text/css; charset=utf-8\r\nlast-modified: Wed, 04 Feb 2026 09:45:44 GMT\r\ncache-control: no-cache\r\netag: \"1770198344.0-4075-3272416017\"\r\nx-cloud-trace-context: c66be488e3bc4d387cde6f09a8f38076\r\ndate: Wed, 01 Apr 2026 00:20:00 GMT\r\nserver: Google Frontend\r\ncontent-length: 4075\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":4075,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"1d2d502a36bf2351c9d33fec4e51be2b","sha1":"4e595f61928a94e287adf5b40515261eb37a42be","sha256":"1053bc91f908896c91109091702d902c846e7af7473cf53ac0929e9e197fcf67","sha512":"358dce5d84ef7b4c768aa4d8c48fabc402dea88da03ab30b39bb6d3b54641a29ca70b510bc668076f131334299f88bac404eb304f5d04cbbe82b06829f9888bf","ssdeep":"","tlshash":"0e81418a5ba80504ba1fe5a4b853cb87b31c5093c40eda7c6ff4202caf8d5d89472f5d","first_seen":"2026-04-01T00:20:25.563616Z","last_seen":"2026-04-01T04:46:33.861475Z","times_seen":2,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"att.yorkss.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"att.yorkss.com/favicon.ico","fqdn":"att.yorkss.com","domain":"yorkss.com","tld":"com"},"ip":{"addr":"142.251.143.147","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://att.yorkss.com/","date":"2026-04-01T00:20:00.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"att.yorkss.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 11:24:07 GMT","end":"Sun, 28 Jun 2026 12:12:58 GMT"},"fingerprint":{"sha1":"98:FC:5A:69:0A:F6:09:C3:F0:75:A0:C4:D5:F6:19:1C:A9:10:F1:8A","sha256":"10:02:F1:9E:90:C4:79:7A:6E:29:AF:C8:45:33:CD:2B:E7:EC:39:24:3C:AE:9F:28:3F:1C:9F:EC:F0:85:A5:7E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: att.yorkss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://att.yorkss.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\nx-cloud-trace-context: 0d4907a357f6595e7cde6f09a8f38762\r\ndate: Wed, 01 Apr 2026 00:20:01 GMT\r\nserver: Google Frontend\r\ncontent-length: 207\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":207,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"e46c4e5e1fbc64b1bae9ebd9bcef7fcf","sha1":"d767b3cb0ad66544c649e4165fc4b37e3c17e370","sha256":"e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80","sha512":"d82048fdcff225197a7e9f0b7f22d470518420a4b10ea3327d604804d04d0d97efadafc84a0aaa23650146f59d94373438dc18bb822e26fd60283c384940ddb9","ssdeep":"","tlshash":"dad0224ed30a032b0a20071035c11beb998f1322757612398f42583e6185b2d81e23c8","first_seen":"2023-04-05T03:09:50Z","last_seen":"2026-04-30T05:08:47.214439Z","times_seen":14910,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"att.yorkss.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"att.yorkss.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}