Report - www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm

Report Overview

Submitted URL
www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
IP
13.107.238.53
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-02-01 10:45:44
Access
Website Title
Final URL
Tags
microsoft
urlquery detections
Phishing - Microsoft

Detections

urlquery
11
Network Intrusion Detection
5
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	61 kB	34.120.237.76
secure.aadcdn.microsoftonline-p.com	11744	2012-09-28T18:15:01Z	2023-03-13T06:39:29Z	1.3 kB	48 kB	104.110.16.53
r4.res.office365.com	180	2017-03-03T13:49:03Z	2023-03-12T22:42:59Z	3.1 kB	719 kB	23.36.79.11
wusofficehome.msocdn.com	unknown	2017-07-13T17:37:50Z	2023-03-12T05:25:18Z	4.2 kB	2.8 kB	23.32.25.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.attemplate.com	168105	2020-07-14T10:34:04Z	2023-03-13T08:23:51Z	28 kB	5.6 MB	13.107.237.53
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.189.35.180
oneocsp.microsoft.com	1473	2020-08-13T08:58:55Z	2023-03-13T05:09:17Z	1.7 kB	11 kB	204.79.197.203
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-01 10:45:52	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-01 10:45:52	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-01 10:45:52	low	13.107.237.53	Client IP	ET INFO Observed Microsoft Attack Simulation Training SSL Cert (attemplate .com)
2023-02-01 10:45:56	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-01 10:45:56	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.attemplate.com/Content/newSignInFiles/react-e173c92e.js	151 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/react-e173c92e.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash e173c92e0f5b1f151fb56b251cacbc39 5a2ecc596693c47856d22c7f240c9b9568bb96a0 66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f Loading...

	www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js	450 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 9ae1e96885da36ab5aacdaf54eeb8305 34084f5f515dab11fc20b63089d5d1a80e75d478 e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888 Loading...

	www.attemplate.com/Content/newSignInFiles/morescript.js	328 B	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/morescript.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash cdc1345ed28507c3f7f087141a5fe4fa 3d8213e5488b7d932d1ef0d12463b7f33b66002d 71eb8e5c44c27a46a180c5b1fc4a3e32105f90adb93b1f0a616a27beca3aadc4 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js	12 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js IP 104.110.16.53 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash b55a6463821a68f54a3888438ddd3dd1 cb1d9cc53904b1d3ef924cf10f8fc747dc04f51d 88a2cd50484dc544c495c777714fa6f87d0bde1329d1117fd0d664522577bb27 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	35 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen46 Hash ef04bdeb82acf8466f7584f6cc7542cd f7eee7882c38e7e5ffa0b518e8ce31effb800243 515e769f47d67533d5b68f30d564770ad4b4d05d0cd214294f1f31546a2eac47 Loading...

	www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js	55 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen97 Hash 30cb8c0f0121ecf0d7e72f25e99db372 d5569b73a452b935da0394cda601ef83e69e5361 df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	24 kB	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 0f5baa89ee099fbb3a035ec7f83a428c 4585a41e2d76e4bbd677150672812ff42729a97f 39aefd9185afbccba2fb3bb2a51fde5258fed555638fa18147f1b4ee54c2f562 Loading...

	www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js	12 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash a43abb7b73ede723d909515b0db8567c 31a5c6d3c518e3b27d96a8c4749ef20d9b028ced 8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89 Loading...

	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	35 B	2023-03-07	2024-04-26
Pretty URL www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-26 19:54:20 Times Seen47273 Hash 2badc56bc4d494e70d476b2e4efd31da 384c5f0842cd2f786b0acc4cb159b75ad3620d46 8684cc6fc8b42cd798a7e1416fda8af6cea601dca2ecd3a253acfd9649f58fcb Loading...

	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	221 B	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash a9ec8a33ba1064ce8bbc83ad69efa945 3828ee725a60da38881aef8fd0e0ebeca06c6c21 f73547e27486fa96a96268157e5c3ce357dbaca7fa90414f76ff50acbcf6079c Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js	110 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js IP 104.110.16.53 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash fc098ef8e126673c91f8ded2b3838d29 60a2d48e2f02a8cbe51cabe43570d87467596399 080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	621 B	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 3fdeba0eb1acd02cd6045f34eb526aa7 7970356bc379bd64c5c42b0baed6b25d886c979c 92dde2be41a02bee18b719bd3ac8a75a90e98233dce02f5340f1f78e2fc9b10c Loading...

	www.attemplate.com/Content/newSignInFiles/jsonjs.js	10 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/jsonjs.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 37ea9ecfb21e1348970d981b0cc9f68c 2c74e0956dd4e1f49f7726eedec967d43c9221b5 3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793 Loading...

	www.attemplate.com/Content/newSignInFiles/firstScript.js	54 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/firstScript.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash 47a8ef7b2b7935647a084ddfd48bef89 7651b909aeee3e7c84dc3203a821f1267f44f92f 9379ff0c77be162cf90c75a24bf557433ae2612e05594988317f7fb4f164bda9 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js	8.9 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js IP 104.110.16.53 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 85ae679948ef1ef084a07eb290777f91 c61b332b6d8a3782c29b299de5c6a218e6e33a5c 87eaf7626d0083e4a253666a1c95d8e44cb17f80d854d499d942d8f65cca7b62 Loading...

	www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js	1.3 MB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen98 Hash 36e4d5260114c1c0aaaf543f60242abe 216bb5e7b2d7b3ea2fa94be5bd0daaa8420d9294 23f0ff28cbffa80317fd222cb6b7857cfd2075be3bccebfac2cbc97ad1747da6 Loading...

	www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js	66 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash 1fe900de2fc85937b8fd66b912d5ec98 1aa37910ecec33bee345da74cd5ee50feb85fbe1 5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7 Loading...

	www.attemplate.com/Content/newSignInFiles/prefetch_1.html	1.9 kB	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/Content/newSignInFiles/prefetch_1.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 05dc58ba58975f98bbf4f48f21e234cb 7610b0032f2073231a3c2a39ad1d9d7e87ff1422 d22b93001fac13bd145370d6377a7fe2ebceff36fc612218aab69e45fd6c4f62 Loading...

HTTP Transactions (72)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13572
Expires: Wed, 01 Feb 2023 14:31:43 GMT
Date: Wed, 01 Feb 2023 10:45:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7806
Expires: Wed, 01 Feb 2023 12:55:37 GMT
Date: Wed, 01 Feb 2023 10:45:31 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 10:36:01 GMT
content-type: application/json
age: 570
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3637
Expires: Wed, 01 Feb 2023 11:46:08 GMT
Date: Wed, 01 Feb 2023 10:45:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: tW6YzJZi3kX/zE71Tnkqmm51CYzfukjOEr0JfVNhXqQmv7JZcQXyscuZ8zDuKVD11Vxj+iYX2CN6jId7y/1IPw==
x-amz-request-id: JBGBK1DH7CVY4K42
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 10:22:37 GMT
age: 1374
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:45:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 10:41:42 GMT
age: 230
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7779
Expires: Wed, 01 Feb 2023 12:55:11 GMT
Date: Wed, 01 Feb 2023 10:45:32 GMT
Connection: keep-alive

push.services.mozilla.com/

54.189.35.180

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.35.180:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jCld+fztYWzCP29gGRY2ew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: k1JXHdZ475AikihNi9zfnA5rzXk=

www.attemplate.com/Content/newSignInFiles/jsonjs.js

13.107.237.53

200 OK

10 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/jsonjs.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (9380), with CRLF line terminators
Size
10 kB (10323 bytes)
Hash
37ea9ecfb21e1348970d981b0cc9f68c
2c74e0956dd4e1f49f7726eedec967d43c9221b5
3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793

HTTP Headers

GET /Content/newSignInFiles/jsonjs.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 10323
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 04:53:51 GMT
accept-ranges: bytes
etag: "1d9320b5965b1d3"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zELaYwAAAAAa5hvt7W7FSqusgV56IFxNQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:32 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg

13.107.237.53

200 OK

915 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Size
915 B (915 bytes)
Hash
2b5d393db04a5e6e1f739cb266e65b4c
6a435df5cac3d58ccad655fe022ccf3dd4b9b721
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/ellipsis_grey.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 915
content-type: image/svg+xml
last-modified: Fri, 27 Jan 2023 05:17:58 GMT
accept-ranges: bytes
etag: "1d9320eb7e04493"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zULaYwAAAAAMQJp4M8CDQbPKisPt5RaFQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:32 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/firstScript.js

13.107.237.53

200 OK

54 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/firstScript.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (39807), with CRLF line terminators
Size
54 kB (54099 bytes)
Hash
da5d678cfa62ab32b62a8123e923f822
ea31c64aa7f094ed21ea0acaa054fbe0745235fe
9fabe69e40bbff565755bbc408ba923e8d05867969c34e5448d334c8914d2ba0

HTTP Headers

GET /Content/newSignInFiles/firstScript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54099
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:18:54 GMT
accept-ranges: bytes
etag: "1d9320ed941e053"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zELaYwAAAADQYZmEDoAARYHTiCQCh3+JQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:32 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/morescript.js

13.107.237.53

200 OK

331 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/morescript.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (326), with CRLF line terminators
Size
331 B (331 bytes)
Hash
8bc03f0ed1d4ec8b123abc818f236ec9
8d5327da68684b0949c5b388f2b2eab3dc77b42e
58fa1f189953f9c0b6209827f64e8ce65318374e075c30f74cad566ed733fe69

HTTP Headers

GET /Content/newSignInFiles/morescript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 331
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 10:42:40 GMT
accept-ranges: bytes
etag: "1d930a9bf3a114b"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zELaYwAAAAC/scC3e/p/RaTZdwfngp75Q1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:32 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/converged.login.min.css

13.107.237.53

200 OK

88 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/converged.login.min.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (61123), with CRLF line terminators
Size
88 kB (88187 bytes)
Hash
962d66b5fa6c30ab93ed4762d692b0b6
264402864833193dc83aea439dfc26bbeae4199e
b975857eea84eb27fe2effc01b4045800b81d6e358b37a7a876ba813351745ce

HTTP Headers

GET /Content/newSignInFiles/converged.login.min.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 88187
content-type: text/css
last-modified: Mon, 30 Jan 2023 10:22:59 GMT
accept-ranges: bytes
etag: "1d93494d35ddbfb"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zELaYwAAAAC+xMCBFvPJQIqn6TQjbTSdQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:32 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13478
Expires: Wed, 01 Feb 2023 14:30:11 GMT
Date: Wed, 01 Feb 2023 10:45:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13478
Expires: Wed, 01 Feb 2023 14:30:11 GMT
Date: Wed, 01 Feb 2023 10:45:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13478
Expires: Wed, 01 Feb 2023 14:30:11 GMT
Date: Wed, 01 Feb 2023 10:45:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4588 bytes)
Hash
23fba3309226071f6f44081c3a92bc0b
21119ea71d26ab157ec491f9cf68918d63310fb4
b29c1f3f6966e08bd3954275c8d2a3ae44a352b41e5d3f04203b55f65708fafc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4588
x-amzn-requestid: 1d726cce-35c6-42d7-a592-8f22f1bd310a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJr4GXvoAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcb2-71af755c24ba2e9a39f17451;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DzgQlPECoiRf-pZjVVk-EsjIl0kVj0b-BfiWBgUEFamma1pYDUMP6A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 14:29:26 GMT
age: 72967
etag: "21119ea71d26ab157ec491f9cf68918d63310fb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 46994
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 77398
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 29735
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6773 bytes)
Hash
d2189ff7eee65e0fde9be79c994b1d1e
c82caabf73415755643b9ab874364162e798f58c
f0d08ab954f728a73a30d22c874019789d55b64a6160d5dafe4d08249f2e9ed4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6773
x-amzn-requestid: b3b6b388-dd50-4a4d-83e0-219b0d285f4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foee_GcdoAMFRWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac6-286883827020ff9a1412030c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 59jJ-7FGO_UqZi7pUGx6h9imXp1a5bOeAbKFkDQBC91qQ2lnyyl11w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "c82caabf73415755643b9ab874364162e798f58c"
content-type: image/jpeg
age: 37951
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9282 bytes)
Hash
e4354120b504a8b1d1c3f4e206eb4611
ba854dec74347525b20dbf3b4e5c13876d56aa1c
bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XGTtVMp42cyJ-Xmh0D-ECG50tJe_AZWIir602PjdJ1CwsAygJpbJyA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:00:34 GMT
age: 24299
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm

13.107.237.53

200 OK

28 kB

URL HTTP/2
www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2652), with CRLF line terminators
Size
28 kB (28187 bytes)
Hash
1b3ef12e81cadb4ba945252d5928b3d7
0e50ea22245e4a774b4032899697e7ce78810bf4
189dcdbf3c270a272ccd48a38732fec3c3f4860220985e444993e7a345d091dc

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8; path=/; samesite=strict; httponly
request-context: appId=
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
x-azure-ref: 0y0LaYwAAAABmXwtNMYjtQ7KytsJI31HiQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:31 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg

13.107.237.53

200 OK

3.7 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
3.7 kB (3651 bytes)
Hash
ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/microsoft_logo.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3651
content-type: image/svg+xml
last-modified: Fri, 27 Jan 2023 04:53:43 GMT
accept-ranges: bytes
etag: "1d9320b54a0ebc3"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zELaYwAAAAA3SgRsw2rlTra3uubg7ifRQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:33 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js

13.107.237.53

200 OK

12 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (12112), with no line terminators
Size
12 kB (12121 bytes)
Hash
a43abb7b73ede723d909515b0db8567c
31a5c6d3c518e3b27d96a8c4749ef20d9b028ced
8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89

HTTP Headers

GET /Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 12121
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:17:46 GMT
accept-ranges: bytes
etag: "1d9320eb0b91659"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zELaYwAAAADj4B3nek5ZT7PBN5WSMHhyQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:33 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js

13.107.237.53

200 OK

450 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32002), with CRLF line terminators
Size
450 kB (450214 bytes)
Hash
9ae1e96885da36ab5aacdaf54eeb8305
34084f5f515dab11fc20b63089d5d1a80e75d478
e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888

HTTP Headers

GET /Content/newSignInFiles/convergedlogin_pcore.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 450214
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 04:46:35 GMT
accept-ranges: bytes
etag: "1d9320a55839926"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0zELaYwAAAADjRI8NGZMeQYRiv5a49zLvQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:32 GMT
X-Firefox-Spdy: h2

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js

104.110.16.53

200 OK

38 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js
IP
104.110.16.53:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32083)
Size
38 kB (38473 bytes)
Hash
ba1f871fe9fbfe0ad04cebb6fadb310a
4cda39e75d7150e0848afbcc792b219b9aa94199
a012ac4ab760ff33f4687ff7a7ab204025e229ee9dd8b15f271d464f6a935c64

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 38473
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: uh+HH+n7/grQTOu2+tsxCg==
Last-Modified: Sat, 18 May 2019 15:11:34 GMT
Cache-Control: public, max-age=93592
Date: Wed, 01 Feb 2023 10:45:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js

104.110.16.53

200 OK

4.9 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js
IP
104.110.16.53:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (10924)
Size
4.9 kB (4855 bytes)
Hash
d3e0516c821ba596614af3b0d3362b82
56353c5fbb6a76635521e378f91f6d6f80ccf611
e229fe312a20c124015ffbcf6f03b72fb91cef7641297d28e5e737c4bed96260

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 4855
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: 0+BRbIIbpZZhSvOw0zYrgg==
Last-Modified: Sat, 18 May 2019 15:12:35 GMT
Cache-Control: public, max-age=93541
Date: Wed, 01 Feb 2023 10:45:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js

104.110.16.53

200 OK

3.8 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js
IP
104.110.16.53:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8878), with no line terminators
Size
3.8 kB (3780 bytes)
Hash
5b5f0189c1948f02eb830e159946889e
b8cc8fa54058a613c29d355d432f967390dfdf6b
63e479c4b1297ac1553593205650af172e1225447a9b8a1faac306d5d496942f

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watson.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 3780
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: W18BicGUjwLrgw4VmUaIng==
Last-Modified: Sat, 18 May 2019 15:11:58 GMT
Cache-Control: public, max-age=93505
Date: Wed, 01 Feb 2023 10:45:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

www.attemplate.com/Content/newSignInFiles/0-small.jpg

13.107.237.53

200 OK

1.0 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0-small.jpg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 50x28, components 3\012- data
Size
1.0 kB (1029 bytes)
Hash
12f4b8b543125cc986c79cd85320812f
e3142c687fe873e1a6a7d29016c7a451b8a2850f
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b

HTTP Headers

GET /Content/newSignInFiles/0-small.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1029
content-type: image/jpeg
last-modified: Fri, 27 Jan 2023 04:46:35 GMT
accept-ranges: bytes
etag: "1d9320a55854385"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAABoSLW+YphOR4umP/eZUgLYQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:34 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/0.jpg

13.107.237.53

200 OK

298 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0.jpg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 1920x1080, components 3\012- data
Size
298 kB (298105 bytes)
Hash
f5a9a9531b8f4bcc86eabb19472d15d5
0aac0b09708622c679768aa62b11d95f0e8388de
62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214

HTTP Headers

GET /Content/newSignInFiles/0.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 298105
content-type: image/jpeg
last-modified: Fri, 27 Jan 2023 05:02:53 GMT
accept-ranges: bytes
etag: "1d9320c9c70b0f9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAAActga3BddwR4ewMuXhP8JtQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:34 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/prefetch.html

13.107.237.53

200 OK

1.8 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch.html
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.8 kB (1756 bytes)
Hash
a9661376c6d3c89c6448e8efdce7fcfe
5f861ddc8c0d18fc4f1ad6f04a1232504b0e3f27
c7972543b426a4ea331b3de94b4c29071d2b69ec5b2616b7af195c5cf531e72f

HTTP Headers

GET /Content/newSignInFiles/prefetch.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1756
content-type: text/html
last-modified: Mon, 30 Jan 2023 06:03:31 GMT
accept-ranges: bytes
etag: "1d93470941c3d5c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAABXwTMIBqQxS6udCyN+iz/VQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:34 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css

13.107.237.53

200 OK

42 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (42370), with no line terminators
Size
42 kB (42370 bytes)
Hash
91eabe9f6d879f4ca72b65493213bd68
0f6815e186b3c08e4e4aa3105282db2588c9dd33
3e17954a96ef8fdab6b6c32b08452a5e555f3c95a3ac691913542b54198c3dc5

HTTP Headers

GET /Content/newSignInFiles/staticStylesFluent.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 42370
content-type: text/css
last-modified: Fri, 27 Jan 2023 05:14:18 GMT
accept-ranges: bytes
etag: "1d9320e34be5482"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAAAyCglvZ5CGT6Ny2UNtPM0PQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css

13.107.237.53

200 OK

81 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
81 kB (80753 bytes)
Hash
f2b550ccd5342b303f228c6c21b75a5a
1f0d44968065c0e7c6c94c48b64df85fd87319ee
0365a3907c20a89c185786deb53076a06d0c823926153a46d534359e05b3fd94

HTTP Headers

GET /Content/newSignInFiles/sharedFontStyles.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 80753
content-type: text/css
last-modified: Thu, 26 Jan 2023 04:07:24 GMT
accept-ranges: bytes
etag: "1d9313bb1cc5d71"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAAA/YhZywBMgSLdgVv70jKbtQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/share.html

13.107.237.53

200 OK

61 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/share.html
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (34636), with CRLF line terminators
Size
61 kB (61050 bytes)
Hash
9a3bb6d1929df442683d0042a4da4736
f40f88e9c5043f43ce176313738f0242bc741ddb
1f2052b393bc87d22c4320ac95cfa8e0e0b5e6e505be6e49c9b8158df02ff1be

HTTP Headers

GET /Content/newSignInFiles/share.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 61050
content-type: text/html
last-modified: Fri, 27 Jan 2023 04:46:35 GMT
accept-ranges: bytes
etag: "1d9320a5585a9fa"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAAAS8vIugcOpR7+iQ9hUpDMSQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/favicon_a.ico

13.107.237.53

200 OK

17 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/favicon_a.ico
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/favicon_a.ico HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 17174
content-type: image/x-icon
last-modified: Thu, 26 Jan 2023 03:50:41 GMT
accept-ranges: bytes
etag: "1d931395bf7fd96"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAABuiTn0zgaNQqGkXvk32q7XQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js

13.107.237.53

200 OK

55 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54840), with no line terminators
Size
55 kB (54846 bytes)
Hash
30cb8c0f0121ecf0d7e72f25e99db372
d5569b73a452b935da0394cda601ef83e69e5361
df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498

HTTP Headers

GET /Content/newSignInFiles/odbshare.resx-30cb8c0f.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54846
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 04:53:51 GMT
accept-ranges: bytes
etag: "1d9320b59654fbe"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAABX+3o8EI+KSZjLM1OmDDpPQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/react-e173c92e.js

13.107.237.53

200 OK

151 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/react-e173c92e.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
151 kB (150787 bytes)
Hash
e173c92e0f5b1f151fb56b251cacbc39
5a2ecc596693c47856d22c7f240c9b9568bb96a0
66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f

HTTP Headers

GET /Content/newSignInFiles/react-e173c92e.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 150787
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:18:54 GMT
accept-ranges: bytes
etag: "1d9320ed9437e03"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAABxu1pKpRdvSK5aYqmE5r7wQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js

13.107.237.53

200 OK

1.3 MB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (52526), with CRLF line terminators
Size
1.3 MB (1267037 bytes)
Hash
36e4d5260114c1c0aaaf543f60242abe
216bb5e7b2d7b3ea2fa94be5bd0daaa8420d9294
23f0ff28cbffa80317fd222cb6b7857cfd2075be3bccebfac2cbc97ad1747da6

HTTP Headers

GET /Content/newSignInFiles/odbshare-deca58ee.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1267037
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:14:18 GMT
accept-ranges: bytes
etag: "1d9320e34ada45d"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAAB4oK54WfN9RINPSbNUtRDuQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/prefetch_1.html

13.107.237.53

200 OK

3.4 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch_1.html
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1188), with CRLF line terminators
Size
3.4 kB (3401 bytes)
Hash
64a497444d32ffc563f0acb028a00add
0128ccd7f2db9cad212bbad9604fbf375fd6e9d2
b3ed53e1ec89c55f0ad6f8241900b6fb06c8538158ae386ad18666942a6c1180

HTTP Headers

GET /Content/newSignInFiles/prefetch_1.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3401
content-type: text/html
last-modified: Wed, 25 Jan 2023 11:00:37 GMT
accept-ranges: bytes
etag: "1d930ac412b35c9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAABFzIiHGBkSSLgMwYDSdq4gQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js

13.107.237.53

200 OK

659 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59852), with CRLF line terminators
Size
659 kB (658812 bytes)
Hash
ddbd3e0172d580dce1d5037ac1b7df8b
182379569666d07d0505621be9d8e1b32353bd8e
7a321e19122b4aea06314fc09e75cf19e37d4ba61e6e315371987ac895e806ce

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.0.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658812
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:17:58 GMT
accept-ranges: bytes
etag: "1d9320eb7ea4a7c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAAB0CkkttUHlQK6hS8iIuyUEQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:35 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css

13.107.237.53

200 OK

7.6 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (7604), with no line terminators
Size
7.6 kB (7604 bytes)
Hash
e9ba472d2ddb09fb3ec536dc240b1976
99daf55408b077f6f56daaf6cae4e54dc0fc0cfa
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 7604
content-type: text/css
last-modified: Mon, 30 Jan 2023 05:32:48 GMT
accept-ranges: bytes
etag: "1d9346c4998ddb4"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAAB4FQTsg7z4T7LPGXm8BlJZQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:36 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js

13.107.237.53

200 OK

66 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (59466), with CRLF line terminators
Size
66 kB (65592 bytes)
Hash
1fe900de2fc85937b8fd66b912d5ec98
1aa37910ecec33bee345da74cd5ee50feb85fbe1
5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7

HTTP Headers

GET /Content/newSignInFiles/knockout-b324ae36.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 65592
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 04:42:20 GMT
accept-ranges: bytes
etag: "1d93209bd865e38"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAACMW8SSYjfQQ7y6P37XvozsQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:36 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js

13.107.237.53

200 OK

655 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
655 kB (655420 bytes)
Hash
6a959bbef782c384e9bc59b6ca8985f5
6ff91ca8fc691f7ae420d6ee41b5172b08968f3f
eccbfcf674637944b0ad6c956e8a1210838158a3fa589d9d3752bc667ecfb09b

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.1.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 655420
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 03:50:41 GMT
accept-ranges: bytes
etag: "1d931395bfdbebc"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAAB0cdKjFlfAR4W2517ACWTEQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:36 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png

13.107.237.53

200 OK

17 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16664 bytes)
Hash
2835f067dcf4c8a12464856267ca8ff7
ab0a6ccd3932d913314b1ff617f236750781a835
4b5cc3fed2c03c158abc3634c1f7700079fbc1e6183aa5e47a2064cfed87977c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.png HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 16664
content-type: image/png
last-modified: Mon, 30 Jan 2023 04:37:12 GMT
accept-ranges: bytes
etag: "1d93464852fcd18"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAACA1EYqqEycQaOb3zJGCmgpQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:36 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css

13.107.237.53

200 OK

232 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
232 kB (232377 bytes)
Hash
48fc1595ceb5f14fd150e4c303231a66
cfea5fe8e941a3b54c37362e21b2f64969d51bb0
1be30cb9303e429a65d50bfa98d279c803256485836027d99b4b195b7fcd9f69

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 232377
content-type: text/css
last-modified: Thu, 26 Jan 2023 04:06:42 GMT
accept-ranges: bytes
etag: "1d9313b98c73eb9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAAC3fZHdmTA4SqzcobDmCqtVQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:36 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js

13.107.237.53

200 OK

656 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
656 kB (656278 bytes)
Hash
97c5f8fff487304a9482b1bc49cc0d01
4e2f7c2efef5e2eb974e42c75add4c5fe62bc3f6
09b52730dfeb19700920e33d3a12060ec2c78ccb62b7336a22a3d39fb07674a5

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.3.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 656278
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 06:09:40 GMT
accept-ranges: bytes
etag: "1d9347170072996"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAAAsUWf+/uZeR5UzQmN53wqLQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:36 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js

13.107.237.53

200 OK

658 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
658 kB (658229 bytes)
Hash
4b4b962b7bcb6374b576fb44fb24a871
d8dcadb5752a2549f8321ac022edb6be3c7ca51f
f5ea68a1c0bb90325f9a53432026888725dacc91574702856db1d628c3f9c5df

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.2.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658229
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:35:22 GMT
accept-ranges: bytes
etag: "1d9346ca5694235"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 00ELaYwAAAAACr1/z30I1So3dOzmq6+rtQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:36 GMT
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js

23.36.79.11

200 OK

178 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59852), with CRLF line terminators
Size
178 kB (178168 bytes)
Hash
766d8b9b12b91afafe8e4acd88b189a0
2d521e0d6078ef684ae221170e0fa983e1d44760
88d8843e944d171335d8b95a11adadc743923d629c1db108178a642920bb9c7c

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 178168
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 10:45:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js

23.36.79.11

200 OK

162 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
162 kB (161597 bytes)
Hash
1ad01b5690ad4fb23b104fc317ad7b7f
7f49802bcfbdd4e585ffc6d691848a673ef06625
958c030322a82decf7b6da5642b8bb084c7e9d8533e59f91062734a094493851

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.1.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:27 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 161597
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 10:45:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js

23.36.79.11

200 OK

169 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
169 kB (169086 bytes)
Hash
33a2371675f9bb0d0eb8517b37ec3d0a
d7c8c6ace771737008ce3fc394fb69ec884e3918
01c5e59886323fb58a19db9f8c32cdba56edadca304e7f918f6b45bb4829c2c2

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 169086
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 10:45:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
8740ad683c29942b0ecbf5f146e6171c
87598a6ecf95c235bf1f77f2da2c8341f39d7578
7f2ad6c0c9a847e5cd45f97a521aa866c0b2ca254397b212320f3ee6088a0831

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:09 GMT
Last-Modified: Tue, 31 Jan 2023 14:14:09 GMT
ETag: "7f2ad6c0c9a847e5cd45f97a521aa866c0b2ca254397b212320f3ee6088a0831"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: AB756F123F8C4E0CBFBF3FA12AF0AD33 Ref B: OSL30EDGE0117 Ref C: 2023-02-01T10:45:38Z
Date: Wed, 01 Feb 2023 10:45:38 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
73da1b9b515a7302fa897ade99343968
f6cd94d1a40b4e49754a208f552f11749534326f
d2f71d0b2b1a40e93c3d3b19104405bf38327324ee7f8d1f8bc67420c7de7275

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Tue, 31 Jan 2023 18:14:09 GMT
ETag: "d2f71d0b2b1a40e93c3d3b19104405bf38327324ee7f8d1f8bc67420c7de7275"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 4E8DE859362D4896BD33530CE7E384A7 Ref B: OSL30EDGE0406 Ref C: 2023-02-01T10:45:38Z
Date: Wed, 01 Feb 2023 10:45:38 GMT

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js

23.36.79.11

200 OK

145 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
145 kB (144731 bytes)
Hash
c227bb42997647f734114335cdee8ded
61c8ca81fe5223e7f228ace674a5510e28f8bb4c
0849430ca23c787f9739969a3b8ed52cecf7f885ed177e6660e810537b4e9108

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.3.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 144731
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 10:45:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
7a95b50dbb58c10fe822758239834510
0328d4ee49188380e5a5f2e7d2de846c011dea94
e1892fa5ecfc197e384d40dac8878b198696cc332b2381ddf000ef06daf82a22

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Tue, 31 Jan 2023 10:14:09 GMT
ETag: "e1892fa5ecfc197e384d40dac8878b198696cc332b2381ddf000ef06daf82a22"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: B66C731832094BF992974B306CFC063E Ref B: OSL30EDGE0511 Ref C: 2023-02-01T10:45:38Z
Date: Wed, 01 Feb 2023 10:45:38 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
45ccfd41e2c9b14f2cb658be4b54e5ec
0f7e65fb2876ab9b31a537423d2bacb8a727e7e6
1113ebc1872b241c4bd82d33f5d3f2399ca7f39b9a876ed23d295d3f4b06bd34

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Tue, 31 Jan 2023 10:14:09 GMT
ETag: "1113ebc1872b241c4bd82d33f5d3f2399ca7f39b9a876ed23d295d3f4b06bd34"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: FBE61E14281A4CB186973959CB8BEB42 Ref B: OSL30EDGE0220 Ref C: 2023-02-01T10:45:38Z
Date: Wed, 01 Feb 2023 10:45:38 GMT

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png

23.36.79.11

200 OK

17 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 600 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16664 bytes)
Hash
2835f067dcf4c8a12464856267ca8ff7
ab0a6ccd3932d913314b1ff617f236750781a835
4b5cc3fed2c03c158abc3634c1f7700079fbc1e6183aa5e47a2064cfed87977c

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.png HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
last-modified: Thu, 01 Mar 2018 21:58:58 GMT
server: AkamaiNetStorage
content-length: 16664
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 10:45:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css

23.36.79.11

200 OK

1.1 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (7604), with no line terminators
Size
1.1 kB (1124 bytes)
Hash
a4e658970b457e73140a7b88a63533ae
b9f6b8d97fcade5e1bb38d48c153159af69fd68b
0be54357c66b84d5e8996b5efac2e89899b9d7481201431abe6cc806ae7c454e

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/images/0/sprite1.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Thu, 01 Mar 2018 21:59:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1124
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 10:45:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css

23.36.79.11

200 OK

44 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (44247 bytes)
Hash
5088d944056ceb529df40ac24c8b3f5b
5c8dc1ebe38e90314b2deec5ea7417888e1c731e
0cf03b1d1451e6c76c7ccd2320b11128dae2c0689f8fb1a7c5f4052c42e3ea73

HTTP Headers

GET /owa/prem/16.2170.8.2502626/resources/styles/0/boot.worldwide.mouse.css HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
last-modified: Thu, 01 Mar 2018 22:00:55 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 44247
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 10:45:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
463d0f3bff2fc20ddf47d40cab77ec00
d5f173a93acf04355080d46667c4e9837f6554a8
fc195a09aee5b98ac66829ad54e19925c079f858967c65877dbe22a3cff9bfcd

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:08 GMT
Last-Modified: Tue, 31 Jan 2023 10:14:09 GMT
ETag: "fc195a09aee5b98ac66829ad54e19925c079f858967c65877dbe22a3cff9bfcd"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 960044A33C9A4633BBC5385F80708D65 Ref B: OSL30EDGE0212 Ref C: 2023-02-01T10:45:38Z
Date: Wed, 01 Feb 2023 10:45:38 GMT

wusofficehome.msocdn.com/s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/7c18fcc8/Areas/Home/Content/js/build/bundles/react-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=aca8c031-f416-4594-a870-d6e224446150; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/f5628679/Areas/Home/Content/js/build/bundles/polyfills-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/f5628679/Areas/Home/Content/js/build/bundles/polyfills-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/f5628679/Areas/Home/Content/js/build/bundles/polyfills-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=4c2fc7ef-911a-4168-9b76-4119742fc62a; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/19ef5923/Areas/Home/Content/js/build/bundles/vendor-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=7879b394-ae85-4da2-9b1d-4f46cce6cff5; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/b29e92f2/Areas/Home/Content/js/build/bundles/staticScripts.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=615c3310-b01d-456d-be1c-47de142cd3a2; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/2f9f9c93/Areas/Home/Content/js/build/bundles/app-bundle.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=9e8f3418-a3be-4b2f-a8b6-d54e1f3d6254; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/c3caee40/Areas/Home/Content/images/fluent-background-sources/header-default-desktop.svg HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=9e8f3418-a3be-4b2f-a8b6-d54e1f3d6254
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=a765559c-eed9-49c6-af48-256704ebf2b4; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/398b5c2a/Areas/Home/Content/images/zero-docs-sprite.png HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=9e8f3418-a3be-4b2f-a8b6-d54e1f3d6254
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=6d244ece-669a-4752-a0ed-412e2ffe6dc5; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/document-sprite.png

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/document-sprite.png
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/fab5fe9a/Areas/Home/Content/images/document-sprite.png HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Cookie: OH.SID=9e8f3418-a3be-4b2f-a8b6-d54e1f3d6254
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=1e3a935d-677a-4542-8664-8883e001ce82; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

wusofficehome.msocdn.com/s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js

23.32.25.29

403 Forbidden

0 B

URL HTTP/2
wusofficehome.msocdn.com/s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js
IP
23.32.25.29:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/6be72975/Areas/Home/Content/js/build/bundles/sharedScripts.js HTTP/1.1
Host: wusofficehome.msocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-length: 0
request-context: appId=
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 10:45:39 GMT
set-cookie: OH.SID=e444cb0f-7f57-4f32-8d24-2a2aaac31e12; path=/; secure; samesite=none; httponly
timing-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5736 bytes)
Hash
2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4yxwz2MFTdpb8I56VVbFU2Zz0qG_uHcYc3aDtn6boQPjhw7UFLLnYw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 10:37:09 GMT
age: 511
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.attemplate.com/common/handlers/watson

13.107.237.53

500 Internal Server Error

0 B

URL HTTP/2
www.attemplate.com/common/handlers/watson
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /common/handlers/watson HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
canary: AQABAAAAAABHh4kmS_aKT5XrjzxRAtHzByAOmM8fpkvKw4pmLXe2B2zfR-dGJC7ZE_XiwLESgQono13jEoEudwaFfYbS-zBQP_Yi900yDXGDchlib2yXwFr4wifGHsKFmuBZ24Vjx8EyYALwzY3Ze9ETm_Pz1oKKoj5UyomNUgTMpvsO69Jo0okaQRk6XPpCpTQb8OBC9Tb79u9Xq2bMD7wtNDvalpa7j8x2WH64BMJpMNSQjMBGACAA
hpgid: 1104
hpgact: 1800
client-request-id: 72b50326-20c5-494b-941d-6db76a881875
X-Requested-With: XMLHttpRequest
Content-Length: 3833
Origin: https://www.attemplate.com
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8IyPgjwWv39MkhxEcpw9XuY-OavfZ0w3Ptkb5UtjXQlco2oktZKGvJuR87AEoqUof4UXZ4AA60bL-BIX1koCa3iEyZNQP6bC_YWuqPF2d_xwUrsQTAAjwk8Nyy2kkkUZm7rrKBS4tmfUpHW64Onx_v8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z0LaYwAAAADk/+/Qsdw9Q7yu/JPrC4tCQ1BIMzBFREdFMDQxMgAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 10:45:34 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML