Report - www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM

Report Overview

Submitted URL
www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
IP
13.107.237.53
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-02-02 11:35:38
Access
Website Title
Final URL
Tags
microsoft
urlquery detections
Phishing - Microsoft

Detections

urlquery
11
Network Intrusion Detection
3
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
oneocsp.microsoft.com	1473	2020-08-13T08:58:55Z	2023-03-13T05:09:17Z	1.7 kB	11 kB	204.79.197.203
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.81.158.34
secure.aadcdn.microsoftonline-p.com	11744	2012-09-28T18:15:01Z	2023-03-13T06:39:29Z	1.3 kB	48 kB	104.88.21.65
wusofficehome.msocdn.com	unknown	2017-07-13T17:37:50Z	2023-03-12T05:25:18Z	3.7 kB	2.5 kB	23.43.138.32
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.attemplate.com	168105	2020-07-14T10:34:04Z	2023-03-13T08:23:51Z	28 kB	4.9 MB	13.107.238.53
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	67 kB	34.120.237.76
r4.res.office365.com	180	2017-03-03T13:49:03Z	2023-03-12T22:42:59Z	3.1 kB	719 kB	95.101.10.209

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-02 11:35:51	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-02 11:35:51	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-02 11:35:51	low	13.107.238.53	Client IP	ET INFO Observed Microsoft Attack Simulation Training SSL Cert (attemplate .com)

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-02	medium	www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js	12 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash a43abb7b73ede723d909515b0db8567c 31a5c6d3c518e3b27d96a8c4749ef20d9b028ced 8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89 Loading...

	www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM	35 B	2023-03-07	2024-04-25
Pretty URL www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-25 09:02:51 Times Seen47128 Hash 2badc56bc4d494e70d476b2e4efd31da 384c5f0842cd2f786b0acc4cb159b75ad3620d46 8684cc6fc8b42cd798a7e1416fda8af6cea601dca2ecd3a253acfd9649f58fcb Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	35 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen46 Hash ef04bdeb82acf8466f7584f6cc7542cd f7eee7882c38e7e5ffa0b518e8ce31effb800243 515e769f47d67533d5b68f30d564770ad4b4d05d0cd214294f1f31546a2eac47 Loading...

	www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js	55 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen97 Hash 30cb8c0f0121ecf0d7e72f25e99db372 d5569b73a452b935da0394cda601ef83e69e5361 df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498 Loading...

	www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js	450 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 9ae1e96885da36ab5aacdaf54eeb8305 34084f5f515dab11fc20b63089d5d1a80e75d478 e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888 Loading...

	www.attemplate.com/Content/newSignInFiles/firstScript.js	54 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/firstScript.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash 47a8ef7b2b7935647a084ddfd48bef89 7651b909aeee3e7c84dc3203a821f1267f44f92f 9379ff0c77be162cf90c75a24bf557433ae2612e05594988317f7fb4f164bda9 Loading...

	www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM	221 B	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash a9ec8a33ba1064ce8bbc83ad69efa945 3828ee725a60da38881aef8fd0e0ebeca06c6c21 f73547e27486fa96a96268157e5c3ce357dbaca7fa90414f76ff50acbcf6079c Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js	110 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js IP 104.88.21.65 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash fc098ef8e126673c91f8ded2b3838d29 60a2d48e2f02a8cbe51cabe43570d87467596399 080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js	12 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js IP 104.88.21.65 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash b55a6463821a68f54a3888438ddd3dd1 cb1d9cc53904b1d3ef924cf10f8fc747dc04f51d 88a2cd50484dc544c495c777714fa6f87d0bde1329d1117fd0d664522577bb27 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	621 B	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 3fdeba0eb1acd02cd6045f34eb526aa7 7970356bc379bd64c5c42b0baed6b25d886c979c 92dde2be41a02bee18b719bd3ac8a75a90e98233dce02f5340f1f78e2fc9b10c Loading...

	www.attemplate.com/Content/newSignInFiles/jsonjs.js	10 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/jsonjs.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 37ea9ecfb21e1348970d981b0cc9f68c 2c74e0956dd4e1f49f7726eedec967d43c9221b5 3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793 Loading...

	www.attemplate.com/Content/newSignInFiles/morescript.js	328 B	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/morescript.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash cdc1345ed28507c3f7f087141a5fe4fa 3d8213e5488b7d932d1ef0d12463b7f33b66002d 71eb8e5c44c27a46a180c5b1fc4a3e32105f90adb93b1f0a616a27beca3aadc4 Loading...

	www.attemplate.com/Content/newSignInFiles/prefetch_1.html	1.9 kB	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/Content/newSignInFiles/prefetch_1.html IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 05dc58ba58975f98bbf4f48f21e234cb 7610b0032f2073231a3c2a39ad1d9d7e87ff1422 d22b93001fac13bd145370d6377a7fe2ebceff36fc612218aab69e45fd6c4f62 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	24 kB	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 0f5baa89ee099fbb3a035ec7f83a428c 4585a41e2d76e4bbd677150672812ff42729a97f 39aefd9185afbccba2fb3bb2a51fde5258fed555638fa18147f1b4ee54c2f562 Loading...

	www.attemplate.com/Content/newSignInFiles/react-e173c92e.js	151 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/react-e173c92e.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash e173c92e0f5b1f151fb56b251cacbc39 5a2ecc596693c47856d22c7f240c9b9568bb96a0 66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js	8.9 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js IP 104.88.21.65 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 85ae679948ef1ef084a07eb290777f91 c61b332b6d8a3782c29b299de5c6a218e6e33a5c 87eaf7626d0083e4a253666a1c95d8e44cb17f80d854d499d942d8f65cca7b62 Loading...

	www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js	66 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash 1fe900de2fc85937b8fd66b912d5ec98 1aa37910ecec33bee345da74cd5ee50feb85fbe1 5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7 Loading...

HTTP Transactions (71)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10086
Expires: Thu, 02 Feb 2023 14:23:31 GMT
Date: Thu, 02 Feb 2023 11:35:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8365
Expires: Thu, 02 Feb 2023 13:54:50 GMT
Date: Thu, 02 Feb 2023 11:35:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 10:43:30 GMT
content-type: application/json
age: 3115
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13332
Expires: Thu, 02 Feb 2023 15:17:37 GMT
Date: Thu, 02 Feb 2023 11:35:25 GMT
Connection: keep-alive

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
c8a158741d79cf9facc5eca899cd1392
61e982e3801c183fe5be621b809b948eb7578922
c05b167db21ef9e99d5a17cf23a5b2f5e2c43cc952d702f1dd480d07018f3e37

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Wed, 01 Feb 2023 10:14:09 GMT
ETag: "c05b167db21ef9e99d5a17cf23a5b2f5e2c43cc952d702f1dd480d07018f3e37"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: AC242572D8C94FB8982F215958FA03F1 Ref B: OSL30EDGE0520 Ref C: 2023-02-02T11:35:25Z
Date: Thu, 02 Feb 2023 11:35:25 GMT

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dpT8V4A136bHW14yJtNV70ZLCvvW3LiwR/gvojTVh85aqxQ1pl9eUh2A1DipHuSkqqIO0gTtyxM=
x-amz-request-id: 7ZAW370GQG5BDF1P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 11:23:05 GMT
age: 740
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 11:35:25 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 11:30:30 GMT
age: 295
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15753
Expires: Thu, 02 Feb 2023 15:57:58 GMT
Date: Thu, 02 Feb 2023 11:35:25 GMT
Connection: keep-alive

push.services.mozilla.com/

35.81.158.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.81.158.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NDdeHkQzLFhXZN/WeIYF0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rZfHdw++9On5e/YMq7MWhjKYSvQ=

www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js

13.107.238.53

200 OK

12 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (12112), with no line terminators
Size
12 kB (12121 bytes)
Hash
a43abb7b73ede723d909515b0db8567c
31a5c6d3c518e3b27d96a8c4749ef20d9b028ced
8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89

HTTP Headers

GET /Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 12121
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 05:17:34 GMT
accept-ranges: bytes
etag: "1d936c5a80c8459"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAACkWs6WGswBQLoxjDotO7ZyQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9698
Expires: Thu, 02 Feb 2023 14:17:05 GMT
Date: Thu, 02 Feb 2023 11:35:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9698
Expires: Thu, 02 Feb 2023 14:17:05 GMT
Date: Thu, 02 Feb 2023 11:35:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9698
Expires: Thu, 02 Feb 2023 14:17:05 GMT
Date: Thu, 02 Feb 2023 11:35:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15857 bytes)
Hash
4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 14810
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6783 bytes)
Hash
f1d06527f75868ea84da730b7c8b5660
6c0cb65a477d6bc7d013529411d5735bd39e3d46
2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S012XKdrl7ID1qnfD-G2fcAxWoseP_mAnaDi12Y-UmdBW8yXgGlpgQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 47801
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 47792
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14593 bytes)
Hash
0ceb09fa3caa0fcda4a6314141e2d019
d08f43956f6859e4c2385231bb5506262257445f
a2100701c69f86920b14714b19ec14db9ebfd91000f0ec2397b8f27d981bc1ee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14593
x-amzn-requestid: e8b062cd-a2e6-4110-b97a-278c09aa3232
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5JE59oAMFx9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6d-02cac6b3417a8d2b028b8ca2;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mJxQBYHzPzTHN3jjom55KlSyicUPfqmpdriEWffRozt7jItlxS-TVA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 05:01:28 GMT
age: 23639
etag: "d08f43956f6859e4c2385231bb5506262257445f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7450 bytes)
Hash
41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kJt9M6jkAc3_ouNRDkJ76Njz9yKNesoJjBK_ja3dTcz5oiowk6LKbQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:10 GMT
age: 47417
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.5 kB (2530 bytes)
Hash
5a1ddd54f3c344b36a26476a33ccfe20
3cc3a77f6a59cafed25fa0882e13644f4eebef50
65cef0476175fca421fef73419440b82dcb763879b79385f2cacc43f42b3237b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2530
x-amzn-requestid: 3ce99c09-61b5-4a51-97ec-c40c443238ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freplHVZoAMFz5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3d-605687635e0a740e49ff78b9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TjYU3BsU2PsKUBuk4ZK6JOH3x9BBHltihOwtyFTZP7C1V6RdUGFDtg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:20 GMT
etag: "3cc3a77f6a59cafed25fa0882e13644f4eebef50"
content-type: image/jpeg
age: 47407
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg

13.107.238.53

200 OK

915 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Size
915 B (915 bytes)
Hash
2b5d393db04a5e6e1f739cb266e65b4c
6a435df5cac3d58ccad655fe022ccf3dd4b9b721
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/ellipsis_grey.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 915
content-type: image/svg+xml
last-modified: Fri, 27 Jan 2023 04:58:14 GMT
accept-ranges: bytes
etag: "1d9320bf6283493"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAAAQWQUSMwBhTIVaJef76PzPQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js

13.107.238.53

200 OK

450 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32002), with CRLF line terminators
Size
450 kB (450214 bytes)
Hash
9ae1e96885da36ab5aacdaf54eeb8305
34084f5f515dab11fc20b63089d5d1a80e75d478
e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888

HTTP Headers

GET /Content/newSignInFiles/convergedlogin_pcore.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 450214
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 04:53:30 GMT
accept-ranges: bytes
etag: "1d936c24b5d1fa6"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAACQEU3V5hTuQadzSYm139qfQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/morescript.js

13.107.238.53

200 OK

331 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/morescript.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (326), with CRLF line terminators
Size
331 B (331 bytes)
Hash
8bc03f0ed1d4ec8b123abc818f236ec9
8d5327da68684b0949c5b388f2b2eab3dc77b42e
58fa1f189953f9c0b6209827f64e8ce65318374e075c30f74cad566ed733fe69

HTTP Headers

GET /Content/newSignInFiles/morescript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 331
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 04:07:08 GMT
accept-ranges: bytes
etag: "1d9346051eaff4b"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAACigpvKH9GsRYvb5Mw7lLzEQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/jsonjs.js

13.107.238.53

200 OK

10 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/jsonjs.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (9380), with CRLF line terminators
Size
10 kB (10323 bytes)
Hash
37ea9ecfb21e1348970d981b0cc9f68c
2c74e0956dd4e1f49f7726eedec967d43c9221b5
3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793

HTTP Headers

GET /Content/newSignInFiles/jsonjs.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 10323
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:43:23 GMT
accept-ranges: bytes
etag: "1d9346dc41627d3"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAADBTDbtvAkDTq3fWbCoEhZoQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg

13.107.238.53

200 OK

3.7 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
3.7 kB (3651 bytes)
Hash
ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/microsoft_logo.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3651
content-type: image/svg+xml
last-modified: Mon, 30 Jan 2023 06:07:26 GMT
accept-ranges: bytes
etag: "1d93471202e6d43"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAADAxr1LyYUmQqQ39yQ0+6K5Q1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/converged.login.min.css

13.107.238.53

200 OK

88 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/converged.login.min.css
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (61123), with CRLF line terminators
Size
88 kB (88187 bytes)
Hash
962d66b5fa6c30ab93ed4762d692b0b6
264402864833193dc83aea439dfc26bbeae4199e
b975857eea84eb27fe2effc01b4045800b81d6e358b37a7a876ba813351745ce

HTTP Headers

GET /Content/newSignInFiles/converged.login.min.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 88187
content-type: text/css
last-modified: Mon, 30 Jan 2023 06:07:28 GMT
accept-ranges: bytes
etag: "1d93471215ec87b"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAADYkyytcvGoRaiNKqM6sHoSQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM

13.107.238.53

200 OK

28 kB

URL HTTP/2
www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2652), with CRLF line terminators
Size
28 kB (28187 bytes)
Hash
d08ac9a1082cd77130b634dcfe0fdb3a
00e9c7f444ef66de550e488452598589bb243f22
1a840e4d05f07d36a273770f6dd7d8b1e9f5d8e2745539002db6c31de8438737

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M; path=/; samesite=strict; httponly
request-context: appId=
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/Z/bYwAAAAA+ewpRZayKQLRwpdWQGRM0Q1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:26 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/firstScript.js

13.107.238.53

200 OK

54 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/firstScript.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (39807), with CRLF line terminators
Size
54 kB (54099 bytes)
Hash
da5d678cfa62ab32b62a8123e923f822
ea31c64aa7f094ed21ea0acaa054fbe0745235fe
9fabe69e40bbff565755bbc408ba923e8d05867969c34e5448d334c8914d2ba0

HTTP Headers

GET /Content/newSignInFiles/firstScript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54099
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:45:42 GMT
accept-ranges: bytes
etag: "1d9346e16ef1453"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/5/bYwAAAACpcXDXgASVQJNsjhGK+DQRQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:27 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/0-small.jpg

13.107.238.53

200 OK

1.0 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0-small.jpg
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 50x28, components 3\012- data
Size
1.0 kB (1029 bytes)
Hash
12f4b8b543125cc986c79cd85320812f
e3142c687fe873e1a6a7d29016c7a451b8a2850f
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b

HTTP Headers

GET /Content/newSignInFiles/0-small.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1029
content-type: image/jpeg
last-modified: Fri, 27 Jan 2023 04:58:14 GMT
accept-ranges: bytes
etag: "1d9320bf6283305"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAACVEUMHfS+KQYLYU1lLGN8+Q1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/prefetch.html

13.107.238.53

200 OK

1.8 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch.html
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.8 kB (1756 bytes)
Hash
a9661376c6d3c89c6448e8efdce7fcfe
5f861ddc8c0d18fc4f1ad6f04a1232504b0e3f27
c7972543b426a4ea331b3de94b4c29071d2b69ec5b2616b7af195c5cf531e72f

HTTP Headers

GET /Content/newSignInFiles/prefetch.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1756
content-type: text/html
last-modified: Fri, 27 Jan 2023 05:18:55 GMT
accept-ranges: bytes
etag: "1d9320ed9d9cf5c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAADnETgNEGC8Tbra7iX8Ue3nQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/0.jpg

13.107.238.53

200 OK

298 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0.jpg
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 1920x1080, components 3\012- data
Size
298 kB (298105 bytes)
Hash
f5a9a9531b8f4bcc86eabb19472d15d5
0aac0b09708622c679768aa62b11d95f0e8388de
62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214

HTTP Headers

GET /Content/newSignInFiles/0.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 298105
content-type: image/jpeg
last-modified: Mon, 30 Jan 2023 05:24:59 GMT
accept-ranges: bytes
etag: "1d9346b32098bf9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAD6imlLPR8mSqh5luKTbgNWQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js

104.88.21.65

200 OK

38 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js
IP
104.88.21.65:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32083)
Size
38 kB (38473 bytes)
Hash
ba1f871fe9fbfe0ad04cebb6fadb310a
4cda39e75d7150e0848afbcc792b219b9aa94199
a012ac4ab760ff33f4687ff7a7ab204025e229ee9dd8b15f271d464f6a935c64

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 38473
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: uh+HH+n7/grQTOu2+tsxCg==
Last-Modified: Sat, 18 May 2019 15:11:34 GMT
Cache-Control: public, max-age=183554
Date: Thu, 02 Feb 2023 11:35:28 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js

104.88.21.65

200 OK

4.9 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js
IP
104.88.21.65:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (10924)
Size
4.9 kB (4855 bytes)
Hash
d3e0516c821ba596614af3b0d3362b82
56353c5fbb6a76635521e378f91f6d6f80ccf611
e229fe312a20c124015ffbcf6f03b72fb91cef7641297d28e5e737c4bed96260

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 4855
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: 0+BRbIIbpZZhSvOw0zYrgg==
Last-Modified: Sat, 18 May 2019 15:12:35 GMT
Cache-Control: public, max-age=183589
Date: Thu, 02 Feb 2023 11:35:28 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

www.attemplate.com/Content/newSignInFiles/prefetch_1.html

13.107.238.53

200 OK

3.4 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch_1.html
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1188), with CRLF line terminators
Size
3.4 kB (3401 bytes)
Hash
64a497444d32ffc563f0acb028a00add
0128ccd7f2db9cad212bbad9604fbf375fd6e9d2
b3ed53e1ec89c55f0ad6f8241900b6fb06c8538158ae386ad18666942a6c1180

HTTP Headers

GET /Content/newSignInFiles/prefetch_1.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3401
content-type: text/html
last-modified: Fri, 27 Jan 2023 05:10:55 GMT
accept-ranges: bytes
etag: "1d9320dbbbf94c9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAABZpVEjUyfsSo/jEHo6STIpQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js

104.88.21.65

200 OK

3.8 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js
IP
104.88.21.65:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8878), with no line terminators
Size
3.8 kB (3780 bytes)
Hash
5b5f0189c1948f02eb830e159946889e
b8cc8fa54058a613c29d355d432f967390dfdf6b
63e479c4b1297ac1553593205650af172e1225447a9b8a1faac306d5d496942f

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watson.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 3780
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: W18BicGUjwLrgw4VmUaIng==
Last-Modified: Sat, 18 May 2019 15:11:58 GMT
Cache-Control: public, max-age=183555
Date: Thu, 02 Feb 2023 11:35:28 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

www.attemplate.com/Content/newSignInFiles/share.html

13.107.238.53

200 OK

61 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/share.html
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (34636), with CRLF line terminators
Size
61 kB (61050 bytes)
Hash
9a3bb6d1929df442683d0042a4da4736
f40f88e9c5043f43ce176313738f0242bc741ddb
1f2052b393bc87d22c4320ac95cfa8e0e0b5e6e505be6e49c9b8158df02ff1be

HTTP Headers

GET /Content/newSignInFiles/share.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 61050
content-type: text/html
last-modified: Fri, 27 Jan 2023 05:42:03 GMT
accept-ranges: bytes
etag: "1d93212152929fa"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAADMNPaI+16fSb5q3FmzNZeFQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css

13.107.238.53

200 OK

81 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
81 kB (80753 bytes)
Hash
f2b550ccd5342b303f228c6c21b75a5a
1f0d44968065c0e7c6c94c48b64df85fd87319ee
0365a3907c20a89c185786deb53076a06d0c823926153a46d534359e05b3fd94

HTTP Headers

GET /Content/newSignInFiles/sharedFontStyles.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 80753
content-type: text/css
last-modified: Fri, 27 Jan 2023 04:45:58 GMT
accept-ranges: bytes
etag: "1d9320a3f76bc71"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAACad9DSokjCTbCC1ri7OYXsQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js

13.107.238.53

200 OK

656 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
656 kB (656278 bytes)
Hash
97c5f8fff487304a9482b1bc49cc0d01
4e2f7c2efef5e2eb974e42c75add4c5fe62bc3f6
09b52730dfeb19700920e33d3a12060ec2c78ccb62b7336a22a3d39fb07674a5

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.3.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 656278
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 04:45:58 GMT
accept-ranges: bytes
etag: "1d9320a3f7d8496"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAAj4MasgDdaS7Ukjl8cCaZAQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/favicon_a.ico

13.107.238.53

200 OK

17 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/favicon_a.ico
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/favicon_a.ico HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 17174
content-type: image/x-icon
last-modified: Mon, 30 Jan 2023 05:45:42 GMT
accept-ranges: bytes
etag: "1d9346e16ef8416"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAADYJDdu7IMfR6wH7VmMXAaiQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js

13.107.238.53

200 OK

55 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54840), with no line terminators
Size
55 kB (54846 bytes)
Hash
30cb8c0f0121ecf0d7e72f25e99db372
d5569b73a452b935da0394cda601ef83e69e5361
df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498

HTTP Headers

GET /Content/newSignInFiles/odbshare.resx-30cb8c0f.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54846
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 04:07:08 GMT
accept-ranges: bytes
etag: "1d9346051ea283e"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAA4+/F915bqRI1+PeJSntw2Q1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/react-e173c92e.js

13.107.238.53

200 OK

151 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/react-e173c92e.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
151 kB (150787 bytes)
Hash
e173c92e0f5b1f151fb56b251cacbc39
5a2ecc596693c47856d22c7f240c9b9568bb96a0
66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f

HTTP Headers

GET /Content/newSignInFiles/react-e173c92e.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 150787
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:32:48 GMT
accept-ranges: bytes
etag: "1d9346c499a8d03"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAACkbbeAAxKSQ6Lhb+LNFCJmQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css

13.107.238.53

200 OK

42 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (42370), with no line terminators
Size
42 kB (42370 bytes)
Hash
91eabe9f6d879f4ca72b65493213bd68
0f6815e186b3c08e4e4aa3105282db2588c9dd33
3e17954a96ef8fdab6b6c32b08452a5e555f3c95a3ac691913542b54198c3dc5

HTTP Headers

GET /Content/newSignInFiles/staticStylesFluent.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 42370
content-type: text/css
last-modified: Mon, 30 Jan 2023 06:03:33 GMT
accept-ranges: bytes
etag: "1d93470954dcd02"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAABhaQYPkVZZTJnI96+gjaYtQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js

13.107.238.53

200 OK

66 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (59466), with CRLF line terminators
Size
66 kB (65592 bytes)
Hash
1fe900de2fc85937b8fd66b912d5ec98
1aa37910ecec33bee345da74cd5ee50feb85fbe1
5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7

HTTP Headers

GET /Content/newSignInFiles/knockout-b324ae36.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 65592
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 05:24:47 GMT
accept-ranges: bytes
etag: "1d936c6aa2239b8"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAABvOqaiC7lQR7fw3os+PTCyQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png

13.107.238.53

200 OK

17 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16664 bytes)
Hash
2835f067dcf4c8a12464856267ca8ff7
ab0a6ccd3932d913314b1ff617f236750781a835
4b5cc3fed2c03c158abc3634c1f7700079fbc1e6183aa5e47a2064cfed87977c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.png HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 16664
content-type: image/png
last-modified: Mon, 30 Jan 2023 05:53:42 GMT
accept-ranges: bytes
etag: "1d9346f3509b618"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAACEZqc3lQ6aS7jGhFaLO3stQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css

13.107.238.53

200 OK

232 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
232 kB (232377 bytes)
Hash
48fc1595ceb5f14fd150e4c303231a66
cfea5fe8e941a3b54c37362e21b2f64969d51bb0
1be30cb9303e429a65d50bfa98d279c803256485836027d99b4b195b7fcd9f69

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 232377
content-type: text/css
last-modified: Thu, 02 Feb 2023 08:37:47 GMT
accept-ranges: bytes
etag: "1d936e1a0597439"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAAU3STscDBSRKXg+6xPolKaQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css

13.107.238.53

200 OK

7.6 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (7604), with no line terminators
Size
7.6 kB (7604 bytes)
Hash
e9ba472d2ddb09fb3ec536dc240b1976
99daf55408b077f6f56daaf6cae4e54dc0fc0cfa
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 7604
content-type: text/css
last-modified: Mon, 30 Jan 2023 04:05:03 GMT
accept-ranges: bytes
etag: "1d9346007699c34"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAD+mZnGJLoHToKuW1w+fXVkQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js

13.107.238.53

200 OK

659 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59852), with CRLF line terminators
Size
659 kB (658812 bytes)
Hash
ddbd3e0172d580dce1d5037ac1b7df8b
182379569666d07d0505621be9d8e1b32353bd8e
7a321e19122b4aea06314fc09e75cf19e37d4ba61e6e315371987ac895e806ce

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.0.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658812
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:45:42 GMT
accept-ranges: bytes
etag: "1d9346e16e5ca7c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAABYgFqH3WpfTpdOfKg9W/wDQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js

13.107.238.53

200 OK

1.3 MB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (52526), with CRLF line terminators
Size
1.3 MB (1267037 bytes)
Hash
36e4d5260114c1c0aaaf543f60242abe
216bb5e7b2d7b3ea2fa94be5bd0daaa8420d9294
23f0ff28cbffa80317fd222cb6b7857cfd2075be3bccebfac2cbc97ad1747da6

HTTP Headers

GET /Content/newSignInFiles/odbshare-deca58ee.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1267037
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:47:28 GMT
accept-ranges: bytes
etag: "1d9346e560d4d5d"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAD5qn8LGQH0RrVYVkEsxf+vQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js

13.107.238.53

200 OK

655 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
655 kB (655420 bytes)
Hash
6a959bbef782c384e9bc59b6ca8985f5
6ff91ca8fc691f7ae420d6ee41b5172b08968f3f
eccbfcf674637944b0ad6c956e8a1210838158a3fa589d9d3752bc667ecfb09b

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.1.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 655420
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 04:21:12 GMT
accept-ranges: bytes
etag: "1d9346248f12c3c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAC/mJcMOVd1T582o9BtgZw1Q1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:29 GMT
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js

95.101.10.209

200 OK

178 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js
IP
95.101.10.209:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59852), with CRLF line terminators
Size
178 kB (178168 bytes)
Hash
766d8b9b12b91afafe8e4acd88b189a0
2d521e0d6078ef684ae221170e0fa983e1d44760
88d8843e944d171335d8b95a11adadc743923d629c1db108178a642920bb9c7c

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 178168
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 02 Feb 2023 11:35:31 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js

95.101.10.209

200 OK

162 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js
IP
95.101.10.209:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
162 kB (161597 bytes)
Hash
1ad01b5690ad4fb23b104fc317ad7b7f
7f49802bcfbdd4e585ffc6d691848a673ef06625
958c030322a82decf7b6da5642b8bb084c7e9d8533e59f91062734a094493851

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:27 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 161597
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 02 Feb 2023 11:35:31 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js

13.107.238.53

200 OK

1.7 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
cc90e0e8ba19d2130161b29c444bb874
b36e6c060a7556a43adbf32c695b83a1530c09ba
9367e12c6dfd1bb7bcef71b9b4f7ee00e3b37403cf2957daf484795e01e5d274

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.2.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658229
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:09:43 GMT
accept-ranges: bytes
etag: "1d9320d90df4eb5"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAABVTG3PHZ9dTLJJkbICG5AdQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
2c9c937703bbfdc8eb8c630e0f4a0ee6
3a76f7dd45b974b7882a102a8fe2c361739d36a1
3f000cfd208e3d4ccd48d125a06551c6dd4722c6cf9e537e2902f5ecc4856121

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:09 GMT
Last-Modified: Wed, 01 Feb 2023 14:14:09 GMT
ETag: "3f000cfd208e3d4ccd48d125a06551c6dd4722c6cf9e537e2902f5ecc4856121"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2FAD71F3785540638C364F3B53425B43 Ref B: OSL30EDGE0116 Ref C: 2023-02-02T11:35:32Z
Date: Thu, 02 Feb 2023 11:35:31 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
addd60e7806c7bd9b33d6e89f8d4903e
1aa87bcc54cffcf14b9db39560148d9b3b5d867b
73e036f0c276b7c91ab01466a945e8d663f4942ac453b3cef8fcb3bebc4a37e1

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Thu, 02 Feb 2023 10:14:09 GMT
ETag: "73e036f0c276b7c91ab01466a945e8d663f4942ac453b3cef8fcb3bebc4a37e1"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 4DA9C2BF1FC24DB5A06971ACC5C71A8C Ref B: OSL30EDGE0520 Ref C: 2023-02-02T11:35:32Z
Date: Thu, 02 Feb 2023 11:35:31 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
0848076407afba96e394a4264dada7db
3bf01ed072bd24ea62e6f3c50965df9d7b10b138
0722334d6a021518ae997138f473e5007174d1ea858515cc01819380535f49e9

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Wed, 01 Feb 2023 18:14:09 GMT
ETag: "0722334d6a021518ae997138f473e5007174d1ea858515cc01819380535f49e9"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: BF6D0E2310AA4ADA91F7F717F0D09062 Ref B: OSL30EDGE0517 Ref C: 2023-02-02T11:35:32Z
Date: Thu, 02 Feb 2023 11:35:31 GMT

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js

95.101.10.209

200 OK

169 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js
IP
95.101.10.209:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
169 kB (169086 bytes)
Hash
33a2371675f9bb0d0eb8517b37ec3d0a
d7c8c6ace771737008ce3fc394fb69ec884e3918
01c5e59886323fb58a19db9f8c32cdba56edadca304e7f918f6b45bb4829c2c2

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 169086
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 02 Feb 2023 11:35:32 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
0848076407afba96e394a4264dada7db
3bf01ed072bd24ea62e6f3c50965df9d7b10b138
0722334d6a021518ae997138f473e5007174d1ea858515cc01819380535f49e9

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Wed, 01 Feb 2023 18:14:09 GMT
ETag: "0722334d6a021518ae997138f473e5007174d1ea858515cc01819380535f49e9"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: D3B0F8A49C4F496283C9DAF00235580F Ref B: OSL30EDGE0310 Ref C: 2023-02-02T11:35:32Z
Date: Thu, 02 Feb 2023 11:35:31 GMT

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js

95.101.10.209

200 OK

145 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js
IP
95.101.10.209:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
145 kB (144731 bytes)
Hash
c227bb42997647f734114335cdee8ded
61c8ca81fe5223e7f228ace674a5510e28f8bb4c
0849430ca23c787f9739969a3b8ed52cecf7f885ed177e6660e810537b4e9108

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 144731
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 02 Feb 2023 11:35:32 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png

95.101.10.209

200 OK

17 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png
IP
95.101.10.209:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 600 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16664 bytes)
Hash
2835f067dcf4c8a12464856267ca8ff7
ab0a6ccd3932d913314b1ff617f236750781a835
4b5cc3fed2c03c158abc3634c1f7700079fbc1e6183aa5e47a2064cfed87977c

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
last-modified: Thu, 01 Mar 2018 21:58:58 GMT
server: AkamaiNetStorage
content-length: 16664
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 02 Feb 2023 11:35:32 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css

95.101.10.209

200 OK

1.1 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css
IP
95.101.10.209:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (7604), with no line terminators
Size
1.1 kB (1124 bytes)
Hash
a4e658970b457e73140a7b88a63533ae
b9f6b8d97fcade5e1bb38d48c153159af69fd68b
0be54357c66b84d5e8996b5efac2e89899b9d7481201431abe6cc806ae7c454e

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Thu, 01 Mar 2018 21:59:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1124
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 02 Feb 2023 11:35:32 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css

95.101.10.209

200 OK

44 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css
IP
95.101.10.209:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (44247 bytes)
Hash
5088d944056ceb529df40ac24c8b3f5b
5c8dc1ebe38e90314b2deec5ea7417888e1c731e
0cf03b1d1451e6c76c7ccd2320b11128dae2c0689f8fb1a7c5f4052c42e3ea73

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Thu, 01 Mar 2018 22:00:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 44247
cache-control: public,max-age=630720000, s-maxage=630720000
date: Thu, 02 Feb 2023 11:35:32 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:32 GMT
set-cookie: OH.SID=0e833fe0-9573-4640-b5a0-c022497f452d; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:32 GMT
set-cookie: OH.SID=37625456-e9e4-4eec-abaa-96cf75df0273; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:32 GMT
set-cookie: OH.SID=b7cb853f-00ba-4a5f-bfe1-c618baa95e1b; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:32 GMT
set-cookie: OH.SID=0ceeac29-a1db-4375-90d5-8f0d669eef50; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

www.attemplate.com/common/handlers/watson

13.107.238.53

500 Internal Server Error

4.3 kB

URL HTTP/2
www.attemplate.com/common/handlers/watson
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.3 kB (4270 bytes)
Hash
87306133c167ae6af4fcbc9fe0876b2b
4612a396f54161fbefb3a375bd8b640a302d03e8
c14468cdc2213365958a15b100e91d5b1722efed31f0eb898d838eb7114316fe

HTTP Headers

POST /common/handlers/watson HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
canary: AQABAAAAAABHh4kmS_aKT5XrjzxRAtHzByAOmM8fpkvKw4pmLXe2B2zfR-dGJC7ZE_XiwLESgQono13jEoEudwaFfYbS-zBQP_Yi900yDXGDchlib2yXwFr4wifGHsKFmuBZ24Vjx8EyYALwzY3Ze9ETm_Pz1oKKoj5UyomNUgTMpvsO69Jo0okaQRk6XPpCpTQb8OBC9Tb79u9Xq2bMD7wtNDvalpa7j8x2WH64BMJpMNSQjMBGACAA
hpgid: 1104
hpgact: 1800
client-request-id: 72b50326-20c5-494b-941d-6db76a881875
X-Requested-With: XMLHttpRequest
Content-Length: 3833
Origin: https://www.attemplate.com
Connection: keep-alive
Referer: https://www.attemplate.com/nam/8ec64476-ea09-48dd-8d5c-7bca366d9edc/131c2363-fe1e-4435-94e1-12f95a667395/81b271f9-4ead-41cc-b58e-448b838c1578/login?id=OE11WFlYQ1podUJTTkFFUTFneFh2Qk0zd1JKMzUxVFgxNktOZnYzQzZFVWI1akhsRW9ZMWJ6TTRaMWFqbDllbDh0RmwyT0pTRU5EelI0aTFxTHdERDlDZDJ5c0xXVW9mUUkyQVkzYVBDek05K3h5S3dyTWlnOG5hdzNxTlhkSnJQSy9tSWRSVXhhQjd2S25PdDZuUGZaSW1ONkhmenpJYkFGQ2traktHNndXQzUwVUtzb1RqQTA5ai83SmhEb0FDNTN6bmZVZW40RlFzdHZ4Nm1xNHNrVnZqeGN3dWd6YlJpNnAzUml0L2JyRTFhWkEzZVpTQmlvc2ppUTlnR3E1aWFkNGlhMTVQVTUySTBzUC9MS3g4b3FQeDdQbWVkY3hJcmJQVjljY0RiWWNBMGdMODNHdFZzdENpSXBZNWlPOXF1ODhNWmR0ZVhMRFF5NEN2RGwwWlBEQVRWUEFEVTZHUk9XYnNmNlNLVVViMzRCeG9SRVNwTDZ0TGVFeVRjaUFM
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuaKGoEyeYWaeH1rQk7KzDLFs-sKt1jJAcAlb6KTSMHv571MS-SwnG4jb8Wpm6WXunIRb3wgQ1jrbyFnYFsZAJa7PYZQbIuvBun8oNP9xqv3hzdqAnRdIxv2juYEXAW-39M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AKDbYwAAAAAZg/97NIm2RKd2TOj8t+0MQ1BIMzBFREdFMDQxNgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Thu, 02 Feb 2023 11:35:28 GMT
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:32 GMT
set-cookie: OH.SID=0f390245-34d0-47d6-8d47-8f54633cfac3; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/document-sprite.png

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/document-sprite.png
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/fab5fe9a/Areas/Home/Content/images/document-sprite.png HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=0f390245-34d0-47d6-8d47-8f54633cfac3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:32 GMT
set-cookie: OH.SID=a78eda72-9df6-4b12-b4eb-b614c7dea4ad; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=0f390245-34d0-47d6-8d47-8f54633cfac3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:32 GMT
set-cookie: OH.SID=a770fa06-1372-40c7-93ea-e3bea54c9e37; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png

23.43.138.32

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png
IP
23.43.138.32:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=0f390245-34d0-47d6-8d47-8f54633cfac3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 11:35:33 GMT
set-cookie: OH.SID=9ac9dc3a-aa32-4865-a672-3cb1218748e0; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ecb7da6-1717-43aa-b55e-cac2ea0272ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6993 bytes)
Hash
047bbffc1f0f6f90b9bccba83c5e0a9a
74d4eeea563d3d0514caf90cd7e99f368622c97b
d12c16dbb4c87c4b291fbf3b753bd330319bf7d29516669b0133391f08b9ce6c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ecb7da6-1717-43aa-b55e-cac2ea0272ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6993
x-amzn-requestid: ee5c1412-d154-406e-ba9e-ea3690d949ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flmoTE2tIAMF_KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8849b-148eec716cba0bb43a597b37;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 03:01:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _XGsJtRAqYIjL30o4cH6u77adav7mLF2Ckbw_H2s_cCNx3hs7w-yRA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:02:14 GMT
age: 16400
etag: "74d4eeea563d3d0514caf90cd7e99f368622c97b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML