Report - oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023

Report Overview

Submitted URL
oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
IP
81.161.229.180
ASN
#0
Submitted
2023-01-26 21:35:00
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.228.230.125
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	42 kB	34.120.237.76
oidc.idp.elogin.e-access.att-itservices.sbs	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	381 kB	81.161.229.180
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	1.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/fonts/WOFF/ATTAleckSans_W_Bd.woff	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery.blockUI.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/att_common.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/backEndFunctions.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/ie7.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/utilities.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery-1.12.4.min.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/mk.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/js/script.js	Phishing
2023-01-26	medium	oidc.idp.elogin.e-access.att-itservices.sbs/img/safeNetLogo.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	oidc.idp.elogin.e-access.att-itservices.sbs/js/backEndFunctions.js	7.3 kB	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/js/backEndFunctions.js IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:27 Times Seen11 Hash 06b948759e09566e09e67a7e813204ec abbf445e64f88013d84bae5f17174340c5340aa6 a68f3e45b7cff940ff8d8b0a52a33badc3b57f4a39a2c43c4ab39e48cea01e70 Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true	6.1 kB	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:27 Times Seen11 Hash d21daf6a1949d1f631f64b0158e05b62 d2ec12fa19a6bac3e2aee70c5a10c8bb4d98fbbd 2e773db7a4598db729515506d81271ee2f414bba2159c3dd0e3a6fd2a263681e Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true	36 kB	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:27 Times Seen11 Hash 35b4c90e7d4f218d0b8ed4de8a3fad5a b003e33d4ae651f380d0a6d3dbc0a1f1093b0841 27562c43e4e81a7fce944973e187729381b4fca8be31891b833763162e0da88a Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/js/ie7.js	5.3 kB	2023-03-08	2023-04-20
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/js/ie7.js IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:15:52 Last Seen2023-04-20 08:48:58 Times Seen21 Hash 5272aff028d2d0c73588a838487f542a 78efea15e55d29a61fdc655c60afc2af7ba7055a e0d8b0a3e96ae24cdfe789d7fcf700a7facdaf123df06d7aa197a3d6d8fba239 Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true	85 B	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:26 Times Seen11 Hash b56ab0b51a0297100e836c1375f5f4ef e8a76e7260e788051de9df5a8edf08413836ddd6 23c1c3e28925e3f4f77e5a43dcb535923d3a2edebaf15225e43f010c11b4d3dc Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true	30 B	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:26 Times Seen11 Hash 57df6d7f5178115be802fb72bbd36589 af1cb7e36a53d6b0d59115482d62605998ad7e1b aa827cea91103ff960edf5ad998920980eba89466a6bae92b52cb3b06f814924 Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/js/att_common.js	240 kB	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/js/att_common.js IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:26 Times Seen8 Hash cb6f9774f3dbf5eddb19ae9d6b73c09f fa334ec8199360b52550bb874d4414213450944d eeb53ea50b8125332e1fefe5184772b5e5ddbcd7fc53488c11d24199c5b239b4 Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery.blockUI.js	10 kB	2023-03-07	2023-04-20
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery.blockUI.js IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:49:49 Last Seen2023-04-20 08:48:58 Times Seen21 Hash da579477eb513681c9e1e0090553fb85 9de95360fbc22dd4342b52812cb610031ed5ef04 43d09eda46c8844e9674fe19c3efde71e12a8142491024e3d91976418e78f1c7 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 17:07:20 Times Seen37096957 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/js/mk.js	13 kB	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/js/mk.js IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:27 Times Seen11 Hash 372364198bac55465d7e4d7e65f1396e cbbcfb9d1125a18a96bb6e80461194940d3625ef bdbedf18f8a3a36256f6819fe27c6fc76c2e64dea340bce4ed775c77fd982032 Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/js/script.js	85 kB	2023-03-09	2023-03-26
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/js/script.js IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:58:56 Last Seen2023-03-26 11:16:27 Times Seen11 Hash b4aeae4546d0e49d3a2fdfd364694cfb b9b4e5cac2074bbdc8683a8fe697a0aa3f655c29 05ef89ea4818d5285c761e6810e57f42cb12887f87d7b551001b9fa9114ab281 Loading...

	oidc.idp.elogin.e-access.att-itservices.sbs/js/utilities.js	1.5 kB	2023-03-07	2023-03-29
Pretty URL oidc.idp.elogin.e-access.att-itservices.sbs/js/utilities.js IP 81.161.229.180 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:49:49 Last Seen2023-03-29 20:59:01 Times Seen13 Hash 6e61922bf92bbb52eeb9c34ee83b4afc 5f7ff99da2ef1d54d381338243d811df8bcd521b 79581aa279a6149075cfbc81498d3cbf1a2f97d42e18f99ac31f0df146c51352 Loading...

HTTP Transactions (41)

URL IP Response Size

oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true

81.161.229.180

301 Moved Permanently

162 B

URL HTTP/1.1
oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
IP
81.161.229.180:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /lrr/attLRR/LrrController?policy2023_view=true HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 26 Jan 2023 21:34:49 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Thu, 26 Jan 2023 22:12:11 GMT
Date: Thu, 26 Jan 2023 21:34:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19797
Expires: Fri, 27 Jan 2023 03:04:47 GMT
Date: Thu, 26 Jan 2023 21:34:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 20:42:56 GMT
content-type: application/json
age: 3114
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8543
Expires: Thu, 26 Jan 2023 23:57:13 GMT
Date: Thu, 26 Jan 2023 21:34:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cRBypmA5dfpuZIUsEspFHhddQ/9j/U6Ow3AawA+hRVNOVMQE4sxtS6M4SswMAmXAWyMmXlO3aVc=
x-amz-request-id: TJS8SC5PGNDPK8FG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 20:49:08 GMT
age: 2742
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/att_logo_97x40.png

81.161.229.180

200 OK

3.3 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/att_logo_97x40.png
IP
81.161.229.180:0
ASN
#0

File type
PNG image data, 97 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3312 bytes)
Hash
56fd5c8a0f89f1270fc4fa97609e77dc
51ea4228607a97fa930275e2ca88f4dd6613703d
5f43c44a03507663f45f0275597874d6ed132cf38a09775d997ba3669f64edb4

HTTP Headers

GET /img/att_logo_97x40.png HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/png
content-length: 3312
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:45 GMT
etag: W/"cf0-1845d31a348"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/GLO_Question_Icon.png

81.161.229.180

200 OK

223 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/GLO_Question_Icon.png
IP
81.161.229.180:0
ASN
#0

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
223 B (223 bytes)
Hash
c96346f4c48d5dc2d54880eae4b9efd4
2ee7b337a7be077deb01912b68d08066b61426e1
4a6500fffb1823beca8bd2c203014d05111e97a82dbbb8516a642abb03bf7bf2

HTTP Headers

GET /img/GLO_Question_Icon.png HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/png
content-length: 223
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:43 GMT
etag: W/"df-1845d319b78"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/mobileKeyImg.png

81.161.229.180

200 OK

2.1 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/mobileKeyImg.png
IP
81.161.229.180:0
ASN
#0

File type
PNG image data, 63 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2132 bytes)
Hash
a671002c729f5b896aece2eff5f4dd0a
6cdf6455b0a1ed5d98997f8e8b01c45c442e7d15
af15a53c5aa232d5e484741b3ee4cb79a9389722511b68d8a6ed32d8187ff6e7

HTTP Headers

GET /img/mobileKeyImg.png HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/png
content-length: 2132
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:40 GMT
etag: W/"854-1845d318fc0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/rsaImg.png

81.161.229.180

200 OK

2.2 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/rsaImg.png
IP
81.161.229.180:0
ASN
#0

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2185 bytes)
Hash
dbe36132958eec6cec6d5c578e629f00
622f0705755b9e13eb5c247e5ee836f61c8ae89a
b49473946e0f559b9aacced166135ed5197eff465359dc8c16b3d275902d3c1f

HTTP Headers

GET /img/rsaImg.png HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/png
content-length: 2185
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:38 GMT
etag: W/"889-1845d3187f0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/mtipsLogo.png

81.161.229.180

200 OK

9.9 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/mtipsLogo.png
IP
81.161.229.180:0
ASN
#0

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9916 bytes)
Hash
a57743c06712e59fa3ab8be2fcf80820
b8efd86120e7aa08635f7239e691324bdea1da04
1e72341a06438f1ae82a3e9204b5f788179e0d7da87738c6fe8f4894dad63f65

HTTP Headers

GET /img/mtipsLogo.png HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/png
content-length: 9916
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:40 GMT
etag: W/"26bc-1845d318fc0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/flat_faq-reverse_icon_rgb_blu_modified_18x18.png

81.161.229.180

200 OK

1.0 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/flat_faq-reverse_icon_rgb_blu_modified_18x18.png
IP
81.161.229.180:0
ASN
#0

File type
PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Size
1.0 kB (1023 bytes)
Hash
31d0ba228aa0e675f4f39090921be708
f8bdc72c83dbd06d820a834c3426ba504f3dde12
287e57ae4b394a4912f51899e4537fb4a9c3a9f307ad0e1f539f8aeb46bdb042

HTTP Headers

GET /img/flat_faq-reverse_icon_rgb_blu_modified_18x18.png HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/png
content-length: 1023
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:44 GMT
etag: W/"3ff-1845d319f60"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/howto-for-mobile-devices.gif

81.161.229.180

200 OK

97 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/howto-for-mobile-devices.gif
IP
81.161.229.180:0
ASN
#0

File type
GIF image data, version 89a, 335 x 190\012- data
Size
97 kB (96851 bytes)
Hash
da69b029d4aa104b7137bf89cc4cd837
72703081d613e806e8bc8f16197760918ec30034
44f2d8ede3c0a0af465e298c70249dc11e197ab27f989a8533b711390cd4b3e5

HTTP Headers

GET /img/howto-for-mobile-devices.gif HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/gif
content-length: 96851
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:41 GMT
etag: W/"17a53-1845d3193a8"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/flat_check_icon_rgb_wht.png

81.161.229.180

200 OK

9.4 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/flat_check_icon_rgb_wht.png
IP
81.161.229.180:0
ASN
#0

File type
PNG image data, 750 x 750, 8-bit/color RGBA, non-interlaced\012- data
Size
9.4 kB (9394 bytes)
Hash
b00a0cdf5bc8e1aeae8c4e9f1a60cc3b
be00ce2f36527eb6013bfcd3597a875a7edf577b
adcfe7d308651f937a03cf9b9bdd684074a95be39186aa8cd229b57485f929b8

HTTP Headers

GET /img/flat_check_icon_rgb_wht.png HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/css/checkbox.css
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/png
content-length: 9394
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:44 GMT
etag: W/"24b2-1845d319f60"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/css/checkbox.css

81.161.229.180

200 OK

24 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/css/checkbox.css
IP
81.161.229.180:0
ASN
#0

File type
data
Size
24 kB (23642 bytes)
Hash
b0219e2f660c62ea812d58e663d91655
1345c2ce01499d3a7f2b620c97eee88bf4f78cf9
ab6f55f025ad3b304b6260a3f00f8d7f2b429e6b927a981edf2df0c46121c4d8

HTTP Headers

GET /css/checkbox.css HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:48 GMT
etag: W/"c09-1845d31af00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/css/cato.css

81.161.229.180

200 OK

24 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/css/cato.css
IP
81.161.229.180:0
ASN
#0

File type
data
Size
24 kB (24079 bytes)
Hash
45cae20631235a2cfa3f73522ef2cbe4
4e36a7f09cc55742a0973f7530d6ae36f9cce346
e1ba1a4a84572687ad9c1cc817f4746192d30d59999ad671710d74c432e4f990

HTTP Headers

GET /css/cato.css HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:49 GMT
etag: W/"f0-1845d31b2e8"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/fonts/WOFF/ATTAleckSans_W_Bd.woff

81.161.229.180

200 OK

23 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/fonts/WOFF/ATTAleckSans_W_Bd.woff
IP
81.161.229.180:0
ASN
#0

File type
Web Open Font Format, TrueType, length 23052, version 1.0\012- data
Size
23 kB (23052 bytes)
Hash
98fa0438e4d560c3e3f8e6279696d769
5ef54b90902a66115cee8d30ba71c21a8e2f3d15
f13ffc0adc7e47990e67bcfb8f355a65c29361b12f0f20d5067ac880393685bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/WOFF/ATTAleckSans_W_Bd.woff HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/css/fonts.css
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: font/woff
content-length: 23052
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:47 GMT
etag: W/"5a0c-1845d31ab18"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/favicon.ico

81.161.229.180

200 OK

1.2 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/favicon.ico
IP
81.161.229.180:0
ASN
#0

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
8cc5501351f013de0ce76fa0a2c59d50
ccc13ea6e1bf7ca9fe31b0dd997981fa8ec6a2e1
42938b72e2ec54515eb9c49145f42b8728cfc0b70170f80aef58ce93032b1c1d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/x-icon
content-length: 1150
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:29 GMT
etag: W/"47e-1845d3164c8"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true

81.161.229.180

200 OK

20 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
IP
81.161.229.180:0
ASN
#0

File type
data
Size
20 kB (20511 bytes)
Hash
61430bec6d5d2d1014cd76045c8ba933
627bf2622c6b6f02494b5c2d7ed59598bbc06ab3
30fac2b9b86c393241e965fd1c513b1960f6d104b2b2a424184c91be86b07bdb

HTTP Headers

GET /lrr/attLRR/LrrController?policy2023_view=true HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
etag: W/"224b8-Twhov/UfPrJM9JMfxlASHJeSlV8"
set-cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k; Path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16129
Expires: Fri, 27 Jan 2023 02:03:40 GMT
Date: Thu, 26 Jan 2023 21:34:51 GMT
Connection: keep-alive

push.services.mozilla.com/

44.228.230.125

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.230.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aKEf5IPglLRDEfFadpeycA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tuw0qUS+zDzme2J1dNqn9Fzhug8=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16389
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 21:34:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16389
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 21:34:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16389
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 21:34:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16389
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 21:34:52 GMT
Connection: keep-alive

oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery.blockUI.js

81.161.229.180

200 OK

9.6 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery.blockUI.js
IP
81.161.229.180:0
ASN
#0

File type
data
Size
9.6 kB (9596 bytes)
Hash
1fef4e0e0083b1d4ffa11849a3d54c14
c072cbd99f2c0f92ffca863a9d35854d4f574c33
7d0bf710fb5992335e376c69003a7a454d4710668bb8a1292c673a9922120a66

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.blockUI.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:32 GMT
etag: W/"2746-1845d317080"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/js/att_common.js

81.161.229.180

200 OK

138 kB

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/att_common.js
IP
81.161.229.180:0
ASN
#0

File type
data
Size
138 kB (137779 bytes)
Hash
8581f7e8b5e8cb01cd3d244352a2e67e
f226d17893c928d48ca71a27177e9d2ad8e5896f
383b43d05ec40892972d767a3dab6d1ea915653307db801371e7037db8dd21d9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/att_common.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:36 GMT
etag: W/"3a925-1845d318020"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12758 bytes)
Hash
7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:14:39 GMT
age: 58813
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9595 bytes)
Hash
f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:37 GMT
age: 85515
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6609 bytes)
Hash
b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CaxCPk4-9yhypamZa96f4IyujB3AMeGmpcYP1UmJtjp275dwFjVOcw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:21:33 GMT
age: 51199
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9285 bytes)
Hash
17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 85344
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/css/fonts.css

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/css/fonts.css
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/fonts.css HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:48 GMT
etag: W/"29c-1845d31af00"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/js/backEndFunctions.js

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/backEndFunctions.js
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/backEndFunctions.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:34 GMT
etag: W/"1c5a-1845d317850"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/js/ie7.js

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/ie7.js
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/ie7.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:33 GMT
etag: W/"14e2-1845d317468"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/js/utilities.js

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/utilities.js
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/utilities.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:30 GMT
etag: W/"5d5-1845d3168b0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/css/main.css

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/css/main.css
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/main.css HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:47 GMT
etag: W/"71e7-1845d31ab18"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery-1.12.4.min.js

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/jquery-1.12.4.min.js
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.12.4.min.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:33 GMT
etag: W/"17b8b-1845d317468"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/js/mk.js

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/mk.js
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/mk.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:31 GMT
etag: W/"3338-1845d316c98"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/js/script.js

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/js/script.js
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/script.js HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:31 GMT
etag: W/"14ac2-1845d316c98"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

oidc.idp.elogin.e-access.att-itservices.sbs/img/safeNetLogo.svg

81.161.229.180

200 OK

0 B

URL HTTP/2
oidc.idp.elogin.e-access.att-itservices.sbs/img/safeNetLogo.svg
IP
81.161.229.180:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/safeNetLogo.svg HTTP/1.1
Host: oidc.idp.elogin.e-access.att-itservices.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oidc.idp.elogin.e-access.att-itservices.sbs/lrr/attLRR/LrrController?policy2023_view=true
Connection: keep-alive
Cookie: connect.sid=s%3AkavdXEPD_3ewAYeM87asV6gu4MC0s4PK.RWR6h%2FX5HwQt9Z2UaVJU8hdEgKq%2BZm7%2BKDRM0nY4V8k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 21:34:50 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Wed, 09 Nov 2022 16:20:38 GMT
etag: W/"63786-1845d3187f0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML