Report - www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09

Report Overview

Submitted URL
www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
IP
13.107.246.53
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-12-01 01:22:20
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Microsoft
Phishing - Microsoft

Detections

urlquery
8
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r4.res.office365.com	180	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	540 kB	23.36.79.11
oneocsp.microsoft.com	1473	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	11 kB	204.79.197.203
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.attemplate.com	168105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	30 kB	5.7 MB	13.107.213.53
secure.aadcdn.microsoftonline-p.com	11744	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	48 kB	184.86.8.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	56 kB	34.120.237.76
wusofficehome.msocdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	2.8 kB	23.32.25.29
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.13.173.34

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09	221 B	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09 IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash a9ec8a33ba1064ce8bbc83ad69efa945 3828ee725a60da38881aef8fd0e0ebeca06c6c21 f73547e27486fa96a96268157e5c3ce357dbaca7fa90414f76ff50acbcf6079c Loading...

	www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09	35 B	2023-03-07	2024-04-19
Pretty URL www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09 IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-19 08:47:09 Times Seen46891 Hash 2badc56bc4d494e70d476b2e4efd31da 384c5f0842cd2f786b0acc4cb159b75ad3620d46 8684cc6fc8b42cd798a7e1416fda8af6cea601dca2ecd3a253acfd9649f58fcb Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js	12 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js IP 184.86.8.44 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash b55a6463821a68f54a3888438ddd3dd1 cb1d9cc53904b1d3ef924cf10f8fc747dc04f51d 88a2cd50484dc544c495c777714fa6f87d0bde1329d1117fd0d664522577bb27 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js	8.9 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js IP 184.86.8.44 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 85ae679948ef1ef084a07eb290777f91 c61b332b6d8a3782c29b299de5c6a218e6e33a5c 87eaf7626d0083e4a253666a1c95d8e44cb17f80d854d499d942d8f65cca7b62 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	24 kB	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 0f5baa89ee099fbb3a035ec7f83a428c 4585a41e2d76e4bbd677150672812ff42729a97f 39aefd9185afbccba2fb3bb2a51fde5258fed555638fa18147f1b4ee54c2f562 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	35 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen46 Hash ef04bdeb82acf8466f7584f6cc7542cd f7eee7882c38e7e5ffa0b518e8ce31effb800243 515e769f47d67533d5b68f30d564770ad4b4d05d0cd214294f1f31546a2eac47 Loading...

	www.attemplate.com/Content/newSignInFiles/react-e173c92e.js	151 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/react-e173c92e.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash e173c92e0f5b1f151fb56b251cacbc39 5a2ecc596693c47856d22c7f240c9b9568bb96a0 66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f Loading...

	www.attemplate.com/Content/newSignInFiles/firstScript.js	54 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/firstScript.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash 47a8ef7b2b7935647a084ddfd48bef89 7651b909aeee3e7c84dc3203a821f1267f44f92f 9379ff0c77be162cf90c75a24bf557433ae2612e05594988317f7fb4f164bda9 Loading...

	www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js	12 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash a43abb7b73ede723d909515b0db8567c 31a5c6d3c518e3b27d96a8c4749ef20d9b028ced 8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89 Loading...

	www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js	450 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 9ae1e96885da36ab5aacdaf54eeb8305 34084f5f515dab11fc20b63089d5d1a80e75d478 e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js	110 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js IP 184.86.8.44 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash fc098ef8e126673c91f8ded2b3838d29 60a2d48e2f02a8cbe51cabe43570d87467596399 080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491 Loading...

	www.attemplate.com/Content/newSignInFiles/jsonjs.js	10 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/jsonjs.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 37ea9ecfb21e1348970d981b0cc9f68c 2c74e0956dd4e1f49f7726eedec967d43c9221b5 3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793 Loading...

	www.attemplate.com/Content/newSignInFiles/morescript.js	328 B	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/morescript.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash cdc1345ed28507c3f7f087141a5fe4fa 3d8213e5488b7d932d1ef0d12463b7f33b66002d 71eb8e5c44c27a46a180c5b1fc4a3e32105f90adb93b1f0a616a27beca3aadc4 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	621 B	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 3fdeba0eb1acd02cd6045f34eb526aa7 7970356bc379bd64c5c42b0baed6b25d886c979c 92dde2be41a02bee18b719bd3ac8a75a90e98233dce02f5340f1f78e2fc9b10c Loading...

	www.attemplate.com/Content/newSignInFiles/prefetch_1.html	1.9 kB	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/Content/newSignInFiles/prefetch_1.html IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 05dc58ba58975f98bbf4f48f21e234cb 7610b0032f2073231a3c2a39ad1d9d7e87ff1422 d22b93001fac13bd145370d6377a7fe2ebceff36fc612218aab69e45fd6c4f62 Loading...

	www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js	66 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash 1fe900de2fc85937b8fd66b912d5ec98 1aa37910ecec33bee345da74cd5ee50feb85fbe1 5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7 Loading...

	www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js	55 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen97 Hash 30cb8c0f0121ecf0d7e72f25e99db372 d5569b73a452b935da0394cda601ef83e69e5361 df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498 Loading...

	www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js	1.3 MB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen98 Hash 36e4d5260114c1c0aaaf543f60242abe 216bb5e7b2d7b3ea2fa94be5bd0daaa8420d9294 23f0ff28cbffa80317fd222cb6b7857cfd2075be3bccebfac2cbc97ad1747da6 Loading...

HTTP Transactions (73)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14508
Expires: Thu, 01 Dec 2022 05:23:55 GMT
Date: Thu, 01 Dec 2022 01:22:07 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3012
Cache-Control: max-age=122364
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:22:07 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:21:31 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 01:18:05 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 242
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2464
Expires: Thu, 01 Dec 2022 02:03:11 GMT
Date: Thu, 01 Dec 2022 01:22:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: fUo0Y6Lv6xVC+mBj40kGW0/V8VMDV/8jOuz/+iZcAtL2AwDdw/OFZyPbUrxQm1Dnnh6bz+gqjGU=
x-amz-request-id: 0ZZ07F6FP8A6CWXJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 00:45:27 GMT
age: 2200
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 01:22:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 01:11:15 GMT
cache-control: public,max-age=3600
age: 652
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3065
Cache-Control: max-age=117348
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 01:22:08 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:57:56 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

www.attemplate.com/Content/newSignInFiles/firstScript.js

13.107.213.53

200 OK

54 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/firstScript.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (39807), with CRLF line terminators
Size
54 kB (54099 bytes)
Hash
da5d678cfa62ab32b62a8123e923f822
ea31c64aa7f094ed21ea0acaa054fbe0745235fe
9fabe69e40bbff565755bbc408ba923e8d05867969c34e5448d334c8914d2ba0

HTTP Headers

GET /Content/newSignInFiles/firstScript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54099
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 06:23:12 GMT
accept-ranges: bytes
etag: "1d9009664c7db53"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAAAH8CUHbyZWT5QNX5mKBxPIQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:07 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/morescript.js

13.107.213.53

200 OK

331 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/morescript.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (326), with CRLF line terminators
Size
331 B (331 bytes)
Hash
8bc03f0ed1d4ec8b123abc818f236ec9
8d5327da68684b0949c5b388f2b2eab3dc77b42e
58fa1f189953f9c0b6209827f64e8ce65318374e075c30f74cad566ed733fe69

HTTP Headers

GET /Content/newSignInFiles/morescript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 331
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 09:12:08 GMT
accept-ranges: bytes
etag: "1d8ffe4d3e4254b"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAADBx7urix5VQ47/BzUdgjuBQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:07 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/jsonjs.js

13.107.213.53

200 OK

10 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/jsonjs.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (9380), with CRLF line terminators
Size
10 kB (10323 bytes)
Hash
37ea9ecfb21e1348970d981b0cc9f68c
2c74e0956dd4e1f49f7726eedec967d43c9221b5
3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793

HTTP Headers

GET /Content/newSignInFiles/jsonjs.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 10323
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 09:20:09 GMT
accept-ranges: bytes
etag: "1d8ffe5f296c2d3"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAAD1OZ5XvScUR6MFzFTVslfgQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:07 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.13.173.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.173.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YWECmiq8qX2tCax996ICiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hKu7TvTpuINh++oEYKVaTp+bAaQ=

www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg

13.107.213.53

200 OK

915 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Size
915 B (915 bytes)
Hash
2b5d393db04a5e6e1f739cb266e65b4c
6a435df5cac3d58ccad655fe022ccf3dd4b9b721
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/ellipsis_grey.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 915
content-type: image/svg+xml
last-modified: Fri, 25 Nov 2022 06:48:12 GMT
accept-ranges: bytes
etag: "1d90099e2d8dd93"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAAC3SLtkbcm3QYD1X/7C0m94QU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:07 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js

13.107.213.53

200 OK

12 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (12112), with no line terminators
Size
12 kB (12121 bytes)
Hash
a43abb7b73ede723d909515b0db8567c
31a5c6d3c518e3b27d96a8c4749ef20d9b028ced
8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89

HTTP Headers

GET /Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 12121
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 06:31:01 GMT
accept-ranges: bytes
etag: "1d900977c52efd9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAAAm9SjX7fP9So1noi8qNnzwQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:08 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/ellipsis_white.svg

13.107.213.53

200 OK

915 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/ellipsis_white.svg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Size
915 B (915 bytes)
Hash
5ac590ee72bfe06a7cecfd75b588ad73
dda2cb89a241bc424746d8cf2a22a35535094611
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/ellipsis_white.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 915
content-type: image/svg+xml
last-modified: Thu, 24 Nov 2022 10:44:45 GMT
accept-ranges: bytes
etag: "1d8fff1c41f0f13"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAADPsMUHcrmVQISbD75ItkyBQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:08 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg

13.107.213.53

200 OK

3.7 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
3.7 kB (3651 bytes)
Hash
ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/microsoft_logo.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3651
content-type: image/svg+xml
last-modified: Thu, 24 Nov 2022 09:12:02 GMT
accept-ranges: bytes
etag: "1d8ffe4d0509343"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAADJm+G62GdgQJzXITgHlp9DQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:08 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/converged.login.min.css

13.107.213.53

200 OK

88 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/converged.login.min.css
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (61123), with CRLF line terminators
Size
88 kB (88187 bytes)
Hash
962d66b5fa6c30ab93ed4762d692b0b6
264402864833193dc83aea439dfc26bbeae4199e
b975857eea84eb27fe2effc01b4045800b81d6e358b37a7a876ba813351745ce

HTTP Headers

GET /Content/newSignInFiles/converged.login.min.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 88187
content-type: text/css
last-modified: Thu, 24 Nov 2022 09:08:05 GMT
accept-ranges: bytes
etag: "1d8ffe4430c10fb"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAADegq5l8tHgR40qA6zmYo45QU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:08 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:22:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:22:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:22:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Thu, 01 Dec 2022 01:22:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4542 bytes)
Hash
80e7af4c2331ee27460e67d6d84f5740
ce0321a9b4ea6b56f8d768796a16f26520654b50
a05bb542d7c711b71a7a9a857130acf888a6400f4eb32ff5df1a506a3f8591ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9e3a9eb-bc9d-4e50-8738-e978a333d2ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4542
x-amzn-requestid: 254467ba-82aa-4964-9e3b-04b2d79a43d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJWiqEQhIAMFnJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806add-2ad86b6031c6984c43f2741d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:12:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2J8Dkm4nUOgJfxXf1aXt3_z-mOmxeksWf0TbTp9mQXOjI1skSW7XJg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 02:00:33 GMT
age: 84096
etag: "ce0321a9b4ea6b56f8d768796a16f26520654b50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7609 bytes)
Hash
0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 1a464872-7c15-42d3-a12a-f344adf99662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PHVUoAMFf4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-3f77f387752222b212d6e2a5;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XUcf5sxPRTQEOS_HWPDW5ioStuq1TPMKvKQSRi2kZI5TbTWEVKFfog==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:42:48 GMT
age: 77961
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2382 bytes)
Hash
f5469e846da1e0f21cfc480f56a656a6
b3eaec75f854d22cd1dcd6aa42e37f6d0df50036
d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2382
x-amzn-requestid: 7279ff68-1e32-4c57-9b9d-f5803a19e8e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJYQuEmEIAMFkeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806d9e-2cf28dc150b53b9f3c60bb4c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:24:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UaUyc03Gw0P7G_7gjAyp-c3XxjIDbllO7lmG_8UWVCuBP4WgEgSydQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 14:26:41 GMT
age: 39328
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8740 bytes)
Hash
26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 23043
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7957 bytes)
Hash
37004182402c955f288eb1fa8df7aef4
01a07f9a5725f608fafeced7b3d1ebdbcb776c29
c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7957
x-amzn-requestid: 54f43d6b-cf41-4067-b459-6b8d98869354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PGgNIAMF2Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-069ac54c22797a511c69a220;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5et72pBhP9fdm4fNy6V5AJjs7B5N3HUGgaToNJV3LbA59D-0QDAMvw==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:31:51 GMT
age: 78618
etag: "01a07f9a5725f608fafeced7b3d1ebdbcb776c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8124 bytes)
Hash
42c762f71487f8e0285dd2129700f069
ec0fd74a981603e197df26c6fb79ef039f737557
8a40883d87b1e2c6e116e3cf881a8b39c987200a8556b651f78a376b3ddbaa26

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8124
x-amzn-requestid: e000c0d5-82d0-41a8-8def-b36970226969
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0UqEd1oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdb7-27efd8c92b8f6e4f257cec3b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1GIxjB2nXfoxuqJHLtkXl4OJT_Po5DJA_w26E2K8WOmm_PZw1qU3IQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:19:35 GMT
etag: "ec0fd74a981603e197df26c6fb79ef039f737557"
content-type: image/jpeg
age: 10954
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js

13.107.213.53

200 OK

450 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32002), with CRLF line terminators
Size
450 kB (450214 bytes)
Hash
9ae1e96885da36ab5aacdaf54eeb8305
34084f5f515dab11fc20b63089d5d1a80e75d478
e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888

HTTP Headers

GET /Content/newSignInFiles/convergedlogin_pcore.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 450214
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 09:32:10 GMT
accept-ranges: bytes
etag: "1d8ffe7a05017a6"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wAGIYwAAAACbAP9zJOPtQprecYA4wH4kQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:08 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/0.jpg

13.107.213.53

200 OK

298 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0.jpg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 1920x1080, components 3\012- data
Size
298 kB (298105 bytes)
Hash
f5a9a9531b8f4bcc86eabb19472d15d5
0aac0b09708622c679768aa62b11d95f0e8388de
62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214

HTTP Headers

GET /Content/newSignInFiles/0.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 298105
content-type: image/jpeg
last-modified: Wed, 30 Nov 2022 09:25:26 GMT
accept-ranges: bytes
etag: "1d9049dae074b79"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wQGIYwAAAABJW14/Hx1sT5/wJvA05wdxQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/prefetch.html

13.107.213.53

200 OK

1.8 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch.html
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.8 kB (1756 bytes)
Hash
a9661376c6d3c89c6448e8efdce7fcfe
5f861ddc8c0d18fc4f1ad6f04a1232504b0e3f27
c7972543b426a4ea331b3de94b4c29071d2b69ec5b2616b7af195c5cf531e72f

HTTP Headers

GET /Content/newSignInFiles/prefetch.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1756
content-type: text/html
last-modified: Thu, 24 Nov 2022 10:44:45 GMT
accept-ranges: bytes
etag: "1d8fff1c41f0a5c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wQGIYwAAAAA3eo3C4QwwRJxGwxc7v6aXQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css

13.107.213.53

200 OK

42 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (42370), with no line terminators
Size
42 kB (42370 bytes)
Hash
91eabe9f6d879f4ca72b65493213bd68
0f6815e186b3c08e4e4aa3105282db2588c9dd33
3e17954a96ef8fdab6b6c32b08452a5e555f3c95a3ac691913542b54198c3dc5

HTTP Headers

GET /Content/newSignInFiles/staticStylesFluent.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 42370
content-type: text/css
last-modified: Thu, 24 Nov 2022 09:30:44 GMT
accept-ranges: bytes
etag: "1d8ffe76d149f82"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAABjz9sofAVeR6oSVZUXJCdTQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/share.html

13.107.213.53

200 OK

61 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/share.html
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (34636), with CRLF line terminators
Size
61 kB (61050 bytes)
Hash
9a3bb6d1929df442683d0042a4da4736
f40f88e9c5043f43ce176313738f0242bc741ddb
1f2052b393bc87d22c4320ac95cfa8e0e0b5e6e505be6e49c9b8158df02ff1be

HTTP Headers

GET /Content/newSignInFiles/share.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 61050
content-type: text/html
last-modified: Fri, 25 Nov 2022 06:48:12 GMT
accept-ranges: bytes
etag: "1d90099e2d8307a"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAACqJ8V/HSPIRoYtLmaFbTCvQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/react-e173c92e.js

13.107.213.53

200 OK

151 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/react-e173c92e.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
151 kB (150787 bytes)
Hash
e173c92e0f5b1f151fb56b251cacbc39
5a2ecc596693c47856d22c7f240c9b9568bb96a0
66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f

HTTP Headers

GET /Content/newSignInFiles/react-e173c92e.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 150787
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 06:23:12 GMT
accept-ranges: bytes
etag: "1d9009664c54503"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAADmR8cxQvnOT5F9xobYuOnzQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js

13.107.213.53

200 OK

55 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54840), with no line terminators
Size
55 kB (54846 bytes)
Hash
30cb8c0f0121ecf0d7e72f25e99db372
d5569b73a452b935da0394cda601ef83e69e5361
df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498

HTTP Headers

GET /Content/newSignInFiles/odbshare.resx-30cb8c0f.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54846
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:12:11 GMT
accept-ranges: bytes
etag: "1d8ffed377299be"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAACG9T0ztUgNTZIig4/o+DAcQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/0-small.jpg

13.107.213.53

200 OK

1.0 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0-small.jpg
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 50x28, components 3\012- data
Size
1.0 kB (1029 bytes)
Hash
12f4b8b543125cc986c79cd85320812f
e3142c687fe873e1a6a7d29016c7a451b8a2850f
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b

HTTP Headers

GET /Content/newSignInFiles/0-small.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1029
content-type: image/jpeg
last-modified: Fri, 25 Nov 2022 06:38:37 GMT
accept-ranges: bytes
etag: "1d900988c1ed085"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wQGIYwAAAABfTlNo2cHCS5jV5yI+AMrvQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js

184.86.8.44

200 OK

38 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js
IP
184.86.8.44:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32083)
Size
38 kB (38473 bytes)
Hash
ba1f871fe9fbfe0ad04cebb6fadb310a
4cda39e75d7150e0848afbcc792b219b9aa94199
a012ac4ab760ff33f4687ff7a7ab204025e229ee9dd8b15f271d464f6a935c64

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 38473
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: uh+HH+n7/grQTOu2+tsxCg==
Last-Modified: Sat, 18 May 2019 15:11:34 GMT
Cache-Control: public, max-age=604800
Date: Thu, 01 Dec 2022 01:22:10 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

www.attemplate.com/Content/newSignInFiles/favicon_a.ico

13.107.213.53

200 OK

17 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/favicon_a.ico
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/favicon_a.ico HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 17174
content-type: image/x-icon
last-modified: Thu, 24 Nov 2022 09:09:36 GMT
accept-ranges: bytes
etag: "1d8ffe4794a8b16"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAABTjKaPVmQPT6wwKfd9eFFwQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/prefetch_1.html

13.107.213.53

200 OK

3.4 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch_1.html
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1188), with CRLF line terminators
Size
3.4 kB (3401 bytes)
Hash
64a497444d32ffc563f0acb028a00add
0128ccd7f2db9cad212bbad9604fbf375fd6e9d2
b3ed53e1ec89c55f0ad6f8241900b6fb06c8538158ae386ad18666942a6c1180

HTTP Headers

GET /Content/newSignInFiles/prefetch_1.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3401
content-type: text/html
last-modified: Fri, 25 Nov 2022 06:46:38 GMT
accept-ranges: bytes
etag: "1d90099aad19649"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAACrEpJpbP8pSr2QAFzjV2YdQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css

13.107.213.53

200 OK

7.6 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (7604), with no line terminators
Size
7.6 kB (7604 bytes)
Hash
e9ba472d2ddb09fb3ec536dc240b1976
99daf55408b077f6f56daaf6cae4e54dc0fc0cfa
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 7604
content-type: text/css
last-modified: Wed, 30 Nov 2022 09:25:26 GMT
accept-ranges: bytes
etag: "1d9049dae03dab4"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAAB42YtKLsxwSo3Gn75xo2esQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js

184.86.8.44

200 OK

4.9 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js
IP
184.86.8.44:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (10924)
Size
4.9 kB (4855 bytes)
Hash
d3e0516c821ba596614af3b0d3362b82
56353c5fbb6a76635521e378f91f6d6f80ccf611
e229fe312a20c124015ffbcf6f03b72fb91cef7641297d28e5e737c4bed96260

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 4855
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: 0+BRbIIbpZZhSvOw0zYrgg==
Last-Modified: Sat, 18 May 2019 15:12:35 GMT
Cache-Control: public, max-age=604800
Date: Thu, 01 Dec 2022 01:22:10 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js

184.86.8.44

200 OK

3.8 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js
IP
184.86.8.44:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8878), with no line terminators
Size
3.8 kB (3780 bytes)
Hash
5b5f0189c1948f02eb830e159946889e
b8cc8fa54058a613c29d355d432f967390dfdf6b
63e479c4b1297ac1553593205650af172e1225447a9b8a1faac306d5d496942f

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watson.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 3780
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: W18BicGUjwLrgw4VmUaIng==
Last-Modified: Sat, 18 May 2019 15:11:58 GMT
Cache-Control: public, max-age=604800
Date: Thu, 01 Dec 2022 01:22:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js

13.107.213.53

200 OK

66 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (59466), with CRLF line terminators
Size
66 kB (65592 bytes)
Hash
1fe900de2fc85937b8fd66b912d5ec98
1aa37910ecec33bee345da74cd5ee50feb85fbe1
5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7

HTTP Headers

GET /Content/newSignInFiles/knockout-b324ae36.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 65592
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 10:44:45 GMT
accept-ranges: bytes
etag: "1d8fff1c41e0cb8"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAABIk31E5My/RJWisW2/Xn7MQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:09 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css

13.107.213.53

200 OK

81 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
81 kB (80753 bytes)
Hash
f2b550ccd5342b303f228c6c21b75a5a
1f0d44968065c0e7c6c94c48b64df85fd87319ee
0365a3907c20a89c185786deb53076a06d0c823926153a46d534359e05b3fd94

HTTP Headers

GET /Content/newSignInFiles/sharedFontStyles.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 80753
content-type: text/css
last-modified: Fri, 25 Nov 2022 06:22:37 GMT
accept-ranges: bytes
etag: "1d900964feb4ff1"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAADrkeviNP6fRZGmga95q8JVQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png

13.107.213.53

200 OK

17 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16664 bytes)
Hash
2835f067dcf4c8a12464856267ca8ff7
ab0a6ccd3932d913314b1ff617f236750781a835
4b5cc3fed2c03c158abc3634c1f7700079fbc1e6183aa5e47a2064cfed87977c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.png HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 16664
content-type: image/png
last-modified: Fri, 25 Nov 2022 06:31:03 GMT
accept-ranges: bytes
etag: "1d900977d83ac98"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAADwQN1aIDNgQbzjB5l6Ljv5QU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js

13.107.213.53

200 OK

656 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
656 kB (656278 bytes)
Hash
97c5f8fff487304a9482b1bc49cc0d01
4e2f7c2efef5e2eb974e42c75add4c5fe62bc3f6
09b52730dfeb19700920e33d3a12060ec2c78ccb62b7336a22a3d39fb07674a5

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.3.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 656278
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 06:31:01 GMT
accept-ranges: bytes
etag: "1d900977c58c316"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAADH4WcqdSElR6RrlhhyypxXQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js

13.107.213.53

200 OK

1.3 MB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (52526), with CRLF line terminators
Size
1.3 MB (1267037 bytes)
Hash
36e4d5260114c1c0aaaf543f60242abe
216bb5e7b2d7b3ea2fa94be5bd0daaa8420d9294
23f0ff28cbffa80317fd222cb6b7857cfd2075be3bccebfac2cbc97ad1747da6

HTTP Headers

GET /Content/newSignInFiles/odbshare-deca58ee.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1267037
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 06:30:38 GMT
accept-ranges: bytes
etag: "1d900976e8e6e5d"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAAAUb/I66T5XTZ08BYGYp1cpQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css

13.107.213.53

200 OK

232 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
232 kB (232377 bytes)
Hash
48fc1595ceb5f14fd150e4c303231a66
cfea5fe8e941a3b54c37362e21b2f64969d51bb0
1be30cb9303e429a65d50bfa98d279c803256485836027d99b4b195b7fcd9f69

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 232377
content-type: text/css
last-modified: Thu, 24 Nov 2022 08:53:54 GMT
accept-ranges: bytes
etag: "1d8ffe247d376b9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAACfUqT3oqrQRpKsF6LFeBuKQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js

13.107.213.53

200 OK

655 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
655 kB (655420 bytes)
Hash
6a959bbef782c384e9bc59b6ca8985f5
6ff91ca8fc691f7ae420d6ee41b5172b08968f3f
eccbfcf674637944b0ad6c956e8a1210838158a3fa589d9d3752bc667ecfb09b

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.1.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 655420
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 06:38:58 GMT
accept-ranges: bytes
etag: "1d9009898a92d3c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAAB8KoswQnXgQrvblAeb3VtOQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js

13.107.213.53

200 OK

659 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59852), with CRLF line terminators
Size
659 kB (658812 bytes)
Hash
ddbd3e0172d580dce1d5037ac1b7df8b
182379569666d07d0505621be9d8e1b32353bd8e
7a321e19122b4aea06314fc09e75cf19e37d4ba61e6e315371987ac895e806ce

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.0.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658812
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 09:20:35 GMT
accept-ranges: bytes
etag: "1d9049d009abefc"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAADDWN42GjZtS7w8A+1xeWUqQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js

13.107.213.53

200 OK

658 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
658 kB (658229 bytes)
Hash
4b4b962b7bcb6374b576fb44fb24a871
d8dcadb5752a2549f8321ac022edb6be3c7ca51f
f5ea68a1c0bb90325f9a53432026888725dacc91574702856db1d628c3f9c5df

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.2.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658229
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 09:23:52 GMT
accept-ranges: bytes
etag: "1d9049d75f68f35"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wgGIYwAAAAAWC89nQeyuRYWqbip8D5CWQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:11 GMT
X-Firefox-Spdy: h2

www.attemplate.com/common/handlers/watson

13.107.213.53

500 Internal Server Error

182 kB

URL HTTP/2
www.attemplate.com/common/handlers/watson
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
182 kB (182438 bytes)
Hash
6a4605d9183a9132276138b1f27c2c6e
b724d3d3055462932d8a406165b0a38e344e1d8d
19edcacf89cbda7687486f753f1c2db7169b3dee5e6fdb391a07e4f8e169c99f

HTTP Headers

POST /common/handlers/watson HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
canary: AQABAAAAAABHh4kmS_aKT5XrjzxRAtHzByAOmM8fpkvKw4pmLXe2B2zfR-dGJC7ZE_XiwLESgQono13jEoEudwaFfYbS-zBQP_Yi900yDXGDchlib2yXwFr4wifGHsKFmuBZ24Vjx8EyYALwzY3Ze9ETm_Pz1oKKoj5UyomNUgTMpvsO69Jo0okaQRk6XPpCpTQb8OBC9Tb79u9Xq2bMD7wtNDvalpa7j8x2WH64BMJpMNSQjMBGACAA
hpgid: 1104
hpgact: 1800
client-request-id: 72b50326-20c5-494b-941d-6db76a881875
X-Requested-With: XMLHttpRequest
Content-Length: 3833
Origin: https://www.attemplate.com
Connection: keep-alive
Referer: https://www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
Cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0wwGIYwAAAACVHqx11UTTSrkre3OWDpuaQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:10 GMT
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js

23.36.79.11

200 OK

162 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
162 kB (161597 bytes)
Hash
1ad01b5690ad4fb23b104fc317ad7b7f
7f49802bcfbdd4e585ffc6d691848a673ef06625
958c030322a82decf7b6da5642b8bb084c7e9d8533e59f91062734a094493851

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:27 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 161597
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 01 Dec 2022 01:22:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js

23.36.79.11

200 OK

169 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
169 kB (169086 bytes)
Hash
33a2371675f9bb0d0eb8517b37ec3d0a
d7c8c6ace771737008ce3fc394fb69ec884e3918
01c5e59886323fb58a19db9f8c32cdba56edadca304e7f918f6b45bb4829c2c2

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 169086
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 01 Dec 2022 01:22:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js

23.36.79.11

200 OK

145 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
145 kB (144731 bytes)
Hash
c227bb42997647f734114335cdee8ded
61c8ca81fe5223e7f228ace674a5510e28f8bb4c
0849430ca23c787f9739969a3b8ed52cecf7f885ed177e6660e810537b4e9108

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 144731
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 01 Dec 2022 01:22:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png

23.36.79.11

200 OK

17 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 600 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16664 bytes)
Hash
2835f067dcf4c8a12464856267ca8ff7
ab0a6ccd3932d913314b1ff617f236750781a835
4b5cc3fed2c03c158abc3634c1f7700079fbc1e6183aa5e47a2064cfed87977c

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
last-modified: Thu, 01 Mar 2018 21:58:58 GMT
server: AkamaiNetStorage
content-length: 16664
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 01 Dec 2022 01:22:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css

23.36.79.11

200 OK

1.1 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (7604), with no line terminators
Size
1.1 kB (1124 bytes)
Hash
a4e658970b457e73140a7b88a63533ae
b9f6b8d97fcade5e1bb38d48c153159af69fd68b
0be54357c66b84d5e8996b5efac2e89899b9d7481201431abe6cc806ae7c454e

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Thu, 01 Mar 2018 21:59:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1124
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 01 Dec 2022 01:22:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css

23.36.79.11

200 OK

44 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (44247 bytes)
Hash
5088d944056ceb529df40ac24c8b3f5b
5c8dc1ebe38e90314b2deec5ea7417888e1c731e
0cf03b1d1451e6c76c7ccd2320b11128dae2c0689f8fb1a7c5f4052c42e3ea73

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Thu, 01 Mar 2018 22:00:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 44247
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 01 Dec 2022 01:22:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
f61b664814f0e5a83c75324db8f490cb
d5ac29f50dc614c7b94b641f2d79a576085f5526
c6d6a13cb9561d9259752be1a52b4a5ec9e52fecf19e21d7e704f71a5c3c3df5

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Tue, 06 Dec 2022 15:50:12 GMT
Last-Modified: Tue, 29 Nov 2022 22:14:09 GMT
ETag: "c6d6a13cb9561d9259752be1a52b4a5ec9e52fecf19e21d7e704f71a5c3c3df5"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: C8304DF9CFB5436894C34EC8E2DFF31B Ref B: OSL30EDGE0411 Ref C: 2022-12-01T01:22:13Z
Date: Thu, 01 Dec 2022 01:22:13 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
fbc9d12c44b5f65cbc0425efd6adffed
8ce0819798bef56f767fa470250430d0e5f74cf8
d08b380f66b39ce6ebc3ca8a3fdd6beeabb4478332ccd4ca8d98eaa4fe35fa4f

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Tue, 06 Dec 2022 15:50:12 GMT
Last-Modified: Wed, 30 Nov 2022 02:14:09 GMT
ETag: "d08b380f66b39ce6ebc3ca8a3fdd6beeabb4478332ccd4ca8d98eaa4fe35fa4f"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 008D56D6C62C445B8EFD56B056BB1EAE Ref B: OSL30EDGE0310 Ref C: 2022-12-01T01:22:13Z
Date: Thu, 01 Dec 2022 01:22:12 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
062f980233a8e6a45e6d7c9f71b7ce97
e79da2c17258844133b3fad99fb1e817545796ed
444f938e884ad51fd73a6dd3cccb092dfa45b70d42100d2fcfa04bc55bed9e64

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Tue, 06 Dec 2022 15:50:12 GMT
Last-Modified: Tue, 29 Nov 2022 22:14:09 GMT
ETag: "444f938e884ad51fd73a6dd3cccb092dfa45b70d42100d2fcfa04bc55bed9e64"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: F65EA652D8004FFC9A40F03ECF0B7A0A Ref B: OSL30EDGE0215 Ref C: 2022-12-01T01:22:13Z
Date: Thu, 01 Dec 2022 01:22:13 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
7290d11140e8ab832945e736908c3438
01c75f95149576d30ffd53317cf8f63420d4b953
fa78053df0b9bc4d3ca42f1c210c761390870ad21191298c54fcbd02e09e6c89

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Tue, 06 Dec 2022 15:50:12 GMT
Last-Modified: Wed, 30 Nov 2022 02:14:09 GMT
ETag: "fa78053df0b9bc4d3ca42f1c210c761390870ad21191298c54fcbd02e09e6c89"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 8D67962FBDD04B2896C0C44A9B7CB977 Ref B: OSL30EDGE0105 Ref C: 2022-12-01T01:22:13Z
Date: Thu, 01 Dec 2022 01:22:12 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
062f980233a8e6a45e6d7c9f71b7ce97
e79da2c17258844133b3fad99fb1e817545796ed
444f938e884ad51fd73a6dd3cccb092dfa45b70d42100d2fcfa04bc55bed9e64

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Tue, 06 Dec 2022 15:50:12 GMT
Last-Modified: Tue, 29 Nov 2022 22:14:09 GMT
ETag: "444f938e884ad51fd73a6dd3cccb092dfa45b70d42100d2fcfa04bc55bed9e64"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 45FDA75AB9DC4A8691908DB5C9C16F45 Ref B: OSL30EDGE0516 Ref C: 2022-12-01T01:22:13Z
Date: Thu, 01 Dec 2022 01:22:12 GMT

wusofficehome.msocdn.com/s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=be139a4f-c687-45af-81c4-88b370565dff; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=64e85292-c8c3-4640-8ab9-213ea2f1b63d; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/f5628679/Areas/Home/Content/js/build/bundles/polyfills-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/f5628679/Areas/Home/Content/js/build/bundles/polyfills-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/f5628679/Areas/Home/Content/js/build/bundles/polyfills-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=81ddc749-859b-470a-8acf-322729a98323; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=4ee2dda0-111e-4c18-a196-416e5f515daa; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=9b2963f9-7cf3-429d-aafa-42bf230a3c5e; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=4b3d9259-61fc-41f9-969d-ef271e3d3db6; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/document-sprite.png

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/document-sprite.png
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/fab5fe9a/Areas/Home/Content/images/document-sprite.png HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=81ddc749-859b-470a-8acf-322729a98323
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=c326912e-9e80-48e5-b0f3-b46187a707c1; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=81ddc749-859b-470a-8acf-322729a98323
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=0f9d9877-d561-4427-a415-c576eedf0f9b; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=4ee2dda0-111e-4c18-a196-416e5f515daa
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 01:22:14 GMT
set-cookie: OH.SID=3e859be2-610f-42c6-afff-4891b2b3da4c; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9613 bytes)
Hash
b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfmEmKoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 06:20:48 GMT
age: 68488
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09

13.107.213.53

200 OK

0 B

URL HTTP/2
www.attemplate.com/eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /eur/7bc03988-1063-4a03-b76c-030695984be0/c99b8d47-af86-4c63-b704-0589e91b73cb/eb3d56e3-70a9-410e-ab7b-67da7f266672/login?id=b25Ld2txMmdiaHVicTFRaFRaWkRUaVA3bVpiNG9lN2xNTEw4c1dXTnM1T2MzM0cramVjbzY3a0VMMU52dVUvd0JEZGsva3VlaURPRUNSS2pkUlBzSnNjWXQxQXU4L3Z3OTdYWDJFOVVjK0xjQXlWMXk5ckJSM2xuWU1abnFOWHZnWmJ0ZEtaWC9NdGoxRG1vVzRBUGNiVTF0MHdDcy9ETlh2dTViN3RSd08xeVF0dUxsMnBPNFAyMHM3UGpDSU9ZUnVRWkVEc1BCY2dhR1RSWDZCeG5jamxRRXNXbzZ5RDBSZ01YN09Cb1d4dWVmTTZtd0FIdkVZaGdmV1p2TEdyZEJpRll3NFlscVdQZFJqeFY3QVhTNlJMVUZ0MWJZRzd0UVFraXN6endIY3p5RVVSenV0MUdqd1ZlR1FMZmN1WDQvTGFmN053N1JuYlhWMjB4Q0gzWGxabGNZMW5RaEp6a3RHaEJiM0M0ZE5malFORE1uTlljOXczSElpUHpTQTV5c213eWVuVVMybDNzQm9zRGN2bDdLQT09 HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: .AspNetCore.Antiforgery.U45wRIJcwUw=CfDJ8LTyG_UAIhZJp_v60vhwlYJJjpqOFg7EoztfTSFFOl02Ri0-kt3MXmNtcbQ-fRTqC2SKTMmSs47uElT0jYzR-NFMP7E9291Eg-rnVygfBUEPtQI2ZmldfinniCa4YrOQdPWKeAOy4BLVOnZaaNCHH1M; path=/; samesite=strict; httponly
request-context: appId=
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
x-azure-ref: 0vwGIYwAAAAAltnJ3RAqwSI6HL0hxGjdrQU1TMDRFREdFMTkxNwAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 01 Dec 2022 01:22:07 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations