Report - www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm

Report Overview

Submitted URL
www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
IP
13.107.237.53
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-02-01 13:32:21
Access
Website Title
Final URL
Tags
microsoft
urlquery detections
Phishing - Microsoft

Detections

urlquery
6
Network Intrusion Detection
5
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.185.138.177
secure.aadcdn.microsoftonline-p.com	11744	2012-09-28T18:15:01Z	2023-03-13T06:39:29Z	1.3 kB	48 kB	104.110.16.53
r4.res.office365.com	180	2017-03-03T13:49:03Z	2023-03-12T22:42:59Z	880 B	179 kB	95.101.10.208
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.attemplate.com	168105	2020-07-14T10:34:04Z	2023-03-13T08:23:51Z	28 kB	5.6 MB	13.107.237.53
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	62 kB	34.120.237.76
oneocsp.microsoft.com	1473	2020-08-13T08:58:55Z	2023-03-13T05:09:17Z	1.4 kB	9.1 kB	204.79.197.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-01 13:32:30	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-01 13:32:30	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-01 13:32:30	low	13.107.237.53	Client IP	ET INFO Observed Microsoft Attack Simulation Training SSL Cert (attemplate .com)
2023-02-01 13:32:35	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)
2023-02-01 13:32:35	low	Client IP	Internal IP	ET INFO Microsoft Attack Simulation Training Domain in DNS Lookup (attemplate .com)

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.attemplate.com/Content/newSignInFiles/firstScript.js	54 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/firstScript.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash 47a8ef7b2b7935647a084ddfd48bef89 7651b909aeee3e7c84dc3203a821f1267f44f92f 9379ff0c77be162cf90c75a24bf557433ae2612e05594988317f7fb4f164bda9 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js	12 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js IP 104.110.16.53 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash b55a6463821a68f54a3888438ddd3dd1 cb1d9cc53904b1d3ef924cf10f8fc747dc04f51d 88a2cd50484dc544c495c777714fa6f87d0bde1329d1117fd0d664522577bb27 Loading...

	www.attemplate.com/Content/newSignInFiles/prefetch_1.html	1.9 kB	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/Content/newSignInFiles/prefetch_1.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 05dc58ba58975f98bbf4f48f21e234cb 7610b0032f2073231a3c2a39ad1d9d7e87ff1422 d22b93001fac13bd145370d6377a7fe2ebceff36fc612218aab69e45fd6c4f62 Loading...

	www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js	66 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash 1fe900de2fc85937b8fd66b912d5ec98 1aa37910ecec33bee345da74cd5ee50feb85fbe1 5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7 Loading...

	www.attemplate.com/Content/newSignInFiles/react-e173c92e.js	151 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/react-e173c92e.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen102 Hash e173c92e0f5b1f151fb56b251cacbc39 5a2ecc596693c47856d22c7f240c9b9568bb96a0 66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f Loading...

	www.attemplate.com/Content/newSignInFiles/jsonjs.js	10 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/jsonjs.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 37ea9ecfb21e1348970d981b0cc9f68c 2c74e0956dd4e1f49f7726eedec967d43c9221b5 3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793 Loading...

	www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js	450 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash 9ae1e96885da36ab5aacdaf54eeb8305 34084f5f515dab11fc20b63089d5d1a80e75d478 e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888 Loading...

	www.attemplate.com/Content/newSignInFiles/morescript.js	328 B	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/morescript.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen56 Hash cdc1345ed28507c3f7f087141a5fe4fa 3d8213e5488b7d932d1ef0d12463b7f33b66002d 71eb8e5c44c27a46a180c5b1fc4a3e32105f90adb93b1f0a616a27beca3aadc4 Loading...

	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	221 B	2023-03-07	2023-04-01
Pretty URL www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash a9ec8a33ba1064ce8bbc83ad69efa945 3828ee725a60da38881aef8fd0e0ebeca06c6c21 f73547e27486fa96a96268157e5c3ce357dbaca7fa90414f76ff50acbcf6079c Loading...

	www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js	1.3 MB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen98 Hash 36e4d5260114c1c0aaaf543f60242abe 216bb5e7b2d7b3ea2fa94be5bd0daaa8420d9294 23f0ff28cbffa80317fd222cb6b7857cfd2075be3bccebfac2cbc97ad1747da6 Loading...

	www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js	55 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen97 Hash 30cb8c0f0121ecf0d7e72f25e99db372 d5569b73a452b935da0394cda601ef83e69e5361 df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498 Loading...

	www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js	12 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:43 Times Seen103 Hash a43abb7b73ede723d909515b0db8567c 31a5c6d3c518e3b27d96a8c4749ef20d9b028ced 8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js	8.9 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js IP 104.110.16.53 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash 85ae679948ef1ef084a07eb290777f91 c61b332b6d8a3782c29b299de5c6a218e6e33a5c 87eaf7626d0083e4a253666a1c95d8e44cb17f80d854d499d942d8f65cca7b62 Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	24 kB	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 0f5baa89ee099fbb3a035ec7f83a428c 4585a41e2d76e4bbd677150672812ff42729a97f 39aefd9185afbccba2fb3bb2a51fde5258fed555638fa18147f1b4ee54c2f562 Loading...

	www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm	35 B	2023-03-07	2024-04-19
Pretty URL www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-19 19:43:32 Times Seen46897 Hash 2badc56bc4d494e70d476b2e4efd31da 384c5f0842cd2f786b0acc4cb159b75ad3620d46 8684cc6fc8b42cd798a7e1416fda8af6cea601dca2ecd3a253acfd9649f58fcb Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	621 B	2023-03-07	2023-09-23
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-09-23 15:42:44 Times Seen15 Hash 3fdeba0eb1acd02cd6045f34eb526aa7 7970356bc379bd64c5c42b0baed6b25d886c979c 92dde2be41a02bee18b719bd3ac8a75a90e98233dce02f5340f1f78e2fc9b10c Loading...

	www.attemplate.com/Content/newSignInFiles/share.html	35 kB	2023-03-07	2023-11-08
Pretty URL www.attemplate.com/Content/newSignInFiles/share.html IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-11-08 19:12:42 Times Seen46 Hash ef04bdeb82acf8466f7584f6cc7542cd f7eee7882c38e7e5ffa0b518e8ce31effb800243 515e769f47d67533d5b68f30d564770ad4b4d05d0cd214294f1f31546a2eac47 Loading...

	secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js	110 kB	2023-03-07	2023-04-01
Pretty URL secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js IP 104.110.16.53 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:24 Last Seen2023-04-01 11:16:27 Times Seen8 Hash fc098ef8e126673c91f8ded2b3838d29 60a2d48e2f02a8cbe51cabe43570d87467596399 080ff245615e719959bc5537e164ac4495c4b8036462dfee2076dd92f22c8491 Loading...

HTTP Transactions (56)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17082
Expires: Wed, 01 Feb 2023 18:16:51 GMT
Date: Wed, 01 Feb 2023 13:32:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3535
Expires: Wed, 01 Feb 2023 14:31:04 GMT
Date: Wed, 01 Feb 2023 13:32:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3473
Expires: Wed, 01 Feb 2023 14:30:02 GMT
Date: Wed, 01 Feb 2023 13:32:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 12:36:01 GMT
content-type: application/json
age: 3368
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ORyc0e23Ga/XDRDQ3FmmCE2IDB2ethR6Qsus4wZbkyPHf/s4MckEEMurZkc+JrEgS1PATSMtZY0=
x-amz-request-id: F5JW9MPYW57BKMZW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 12:51:34 GMT
age: 2435
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 13:32:09 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 12:41:42 GMT
age: 3027
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14023
Expires: Wed, 01 Feb 2023 17:25:52 GMT
Date: Wed, 01 Feb 2023 13:32:09 GMT
Connection: keep-alive

push.services.mozilla.com/

54.185.138.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.185.138.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dk4ZiunEjxJHm/FifHWFhg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SRh1pseXqeZWOLXvlceFUAfXP+4=

www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js

13.107.237.53

200 OK

12 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (12112), with no line terminators
Size
12 kB (12121 bytes)
Hash
a43abb7b73ede723d909515b0db8567c
31a5c6d3c518e3b27d96a8c4749ef20d9b028ced
8176927c483b9c3c64aedb655264870a59e608a653ed5045c3091382829b4f89

HTTP Headers

GET /Content/newSignInFiles/convergedloginpaginatedstrings-en.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 12121
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:02:49 GMT
accept-ranges: bytes
etag: "1d9320c9a11cdd9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 02mnaYwAAAAAKRjM5ddagR51GG6Evm4dnQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/ellipsis_white.svg

13.107.237.53

200 OK

915 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/ellipsis_white.svg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Size
915 B (915 bytes)
Hash
5ac590ee72bfe06a7cecfd75b588ad73
dda2cb89a241bc424746d8cf2a22a35535094611
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/ellipsis_white.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 915
content-type: image/svg+xml
last-modified: Fri, 27 Jan 2023 05:42:03 GMT
accept-ranges: bytes
etag: "1d932121529c413"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 022naYwAAAACDk8POu0EYSKpFVdr3fd4wQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg

13.107.237.53

200 OK

915 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/ellipsis_grey.svg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Size
915 B (915 bytes)
Hash
2b5d393db04a5e6e1f739cb266e65b4c
6a435df5cac3d58ccad655fe022ccf3dd4b9b721
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/ellipsis_grey.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 915
content-type: image/svg+xml
last-modified: Fri, 27 Jan 2023 05:18:53 GMT
accept-ranges: bytes
etag: "1d9320ed8a89f13"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 022naYwAAAAA5ad01zlc/SL219jLyY3rdQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/morescript.js

13.107.237.53

200 OK

331 B

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/morescript.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (326), with CRLF line terminators
Size
331 B (331 bytes)
Hash
8bc03f0ed1d4ec8b123abc818f236ec9
8d5327da68684b0949c5b388f2b2eab3dc77b42e
58fa1f189953f9c0b6209827f64e8ce65318374e075c30f74cad566ed733fe69

HTTP Headers

GET /Content/newSignInFiles/morescript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 331
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:16:55 GMT
accept-ranges: bytes
etag: "1d9346a11907ccb"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 02mnaYwAAAABg5/CUEKfCTKu+Qy9pmUYnQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:10 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/jsonjs.js

13.107.237.53

200 OK

10 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/jsonjs.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (9380), with CRLF line terminators
Size
10 kB (10323 bytes)
Hash
37ea9ecfb21e1348970d981b0cc9f68c
2c74e0956dd4e1f49f7726eedec967d43c9221b5
3c49e5eeb628e98c3dfc5282c440d21b38a0d42bf45d8e281c1a7478d200c793

HTTP Headers

GET /Content/newSignInFiles/jsonjs.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 10323
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 03:59:16 GMT
accept-ranges: bytes
etag: "1d9313a8eeeaa53"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 02mnaYwAAAAB/8w2BLrmoSoX7MHZ6SEIxQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:10 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 13:32:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 13:32:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 13:32:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7876 bytes)
Hash
2caf8f791d29d1c03e383b08fe71b042
91254d0b2c68291701ba967f71e5319c8edd1d0a
354892b28eda2bcf225909a8f92b6ddb5be5d47c43445ae4243a59c80e10ef9e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 6c502e4a-ac64-48cc-8210-59225f5e9947
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foetOH7PoAMFynA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ab21-539f36af56fde05121a0179a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:58:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3Q59EJIRAEqMqARj6SYi3il0p9HpdPNnizvy0HOxQffZnR1Sgp-nnA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:18:08 GMT
age: 47643
etag: "91254d0b2c68291701ba967f71e5319c8edd1d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6819 bytes)
Hash
ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 56446
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 20341
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 55708
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14041 bytes)
Hash
78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MeSOuCSjsjhK6FOS67rw6oF4rS08twjOACGbXJrNPH6vwZb8lZh9lw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
age: 56453
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8812 bytes)
Hash
7d09523ece9b6da85a1a007c7e2abcb6
a637b08e2fbba31ef60103b2d9fd3c6f96d84b27
811bbd2e85b83dcaa8743a1d7e513fd76b81d4ced2b8aa99c62f9590f20e85a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8812
x-amzn-requestid: 8c568658-2708-4031-93ff-1654cc17a311
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foeeZGjKIAMFyUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac2-4587a6e43c1430ed03d0e69b;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SN1t3ynbcYOqHlv7bgBwzUTdZLjPAEq8bmRuIJaKHGA-4AkcMyBJkg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:16:28 GMT
age: 47743
etag: "a637b08e2fbba31ef60103b2d9fd3c6f96d84b27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/converged.login.min.css

13.107.237.53

200 OK

88 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/converged.login.min.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (61123), with CRLF line terminators
Size
88 kB (88187 bytes)
Hash
962d66b5fa6c30ab93ed4762d692b0b6
264402864833193dc83aea439dfc26bbeae4199e
b975857eea84eb27fe2effc01b4045800b81d6e358b37a7a876ba813351745ce

HTTP Headers

GET /Content/newSignInFiles/converged.login.min.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 88187
content-type: text/css
last-modified: Thu, 26 Jan 2023 04:06:41 GMT
accept-ranges: bytes
etag: "1d9313b982d46fb"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 02mnaYwAAAADOA0XxcNdlSbj/C1zX72Z4Q1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:11 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg

13.107.237.53

200 OK

3.7 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/microsoft_logo.svg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Size
3.7 kB (3651 bytes)
Hash
ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/microsoft_logo.svg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3651
content-type: image/svg+xml
last-modified: Mon, 30 Jan 2023 04:37:11 GMT
accept-ranges: bytes
etag: "1d934648496fbc3"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 02mnaYwAAAAAg76ZvB91DQ4WCvRy9+pfNQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:11 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/firstScript.js

13.107.237.53

200 OK

54 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/firstScript.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (39807), with CRLF line terminators
Size
54 kB (54099 bytes)
Hash
da5d678cfa62ab32b62a8123e923f822
ea31c64aa7f094ed21ea0acaa054fbe0745235fe
9fabe69e40bbff565755bbc408ba923e8d05867969c34e5448d334c8914d2ba0

HTTP Headers

GET /Content/newSignInFiles/firstScript.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54099
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 10:28:33 GMT
accept-ranges: bytes
etag: "1d930a7c660cdd3"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 02mnaYwAAAAA/ahF8+NgqTqRANlQc/vrzQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:11 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js

13.107.237.53

200 OK

450 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/convergedlogin_pcore.min.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32002), with CRLF line terminators
Size
450 kB (450214 bytes)
Hash
9ae1e96885da36ab5aacdaf54eeb8305
34084f5f515dab11fc20b63089d5d1a80e75d478
e4a459ed9bf635aaf0bbcfb36142c32264378f2dd25aa79bae136dfd55dd5888

HTTP Headers

GET /Content/newSignInFiles/convergedlogin_pcore.min.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 450214
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 11:00:37 GMT
accept-ranges: bytes
etag: "1d930ac412de626"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 02mnaYwAAAAB8cOghxljiTb6lbZHHiD15Q1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:11 GMT
X-Firefox-Spdy: h2

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js

104.110.16.53

200 OK

38 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js
IP
104.110.16.53:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32083)
Size
38 kB (38473 bytes)
Hash
ba1f871fe9fbfe0ad04cebb6fadb310a
4cda39e75d7150e0848afbcc792b219b9aa94199
a012ac4ab760ff33f4687ff7a7ab204025e229ee9dd8b15f271d464f6a935c64

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watsonsupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 38473
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: uh+HH+n7/grQTOu2+tsxCg==
Last-Modified: Sat, 18 May 2019 15:11:34 GMT
Cache-Control: public, max-age=83594
Date: Wed, 01 Feb 2023 13:32:13 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

www.attemplate.com/Content/newSignInFiles/0.jpg

13.107.237.53

200 OK

298 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0.jpg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 1920x1080, components 3\012- data
Size
298 kB (298105 bytes)
Hash
f5a9a9531b8f4bcc86eabb19472d15d5
0aac0b09708622c679768aa62b11d95f0e8388de
62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214

HTTP Headers

GET /Content/newSignInFiles/0.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 298105
content-type: image/jpeg
last-modified: Fri, 27 Jan 2023 05:42:03 GMT
accept-ranges: bytes
etag: "1d93212152d4bf9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03WnaYwAAAABRD6ZKJ9FaQ7PwgTl+skYUQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:13 GMT
X-Firefox-Spdy: h2

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js

104.110.16.53

200 OK

4.9 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js
IP
104.110.16.53:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (10924)
Size
4.9 kB (4855 bytes)
Hash
d3e0516c821ba596614af3b0d3362b82
56353c5fbb6a76635521e378f91f6d6f80ccf611
e229fe312a20c124015ffbcf6f03b72fb91cef7641297d28e5e737c4bed96260

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/frameworksupport.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 4855
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: 0+BRbIIbpZZhSvOw0zYrgg==
Last-Modified: Sat, 18 May 2019 15:12:35 GMT
Cache-Control: public, max-age=83543
Date: Wed, 01 Feb 2023 13:32:13 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js

104.110.16.53

200 OK

3.8 kB

URL HTTP/1.1
secure.aadcdn.microsoftonline-p.com/ests/2.1.7362.11/content/cdnbundles/watson.min.js
IP
104.110.16.53:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8878), with no line terminators
Size
3.8 kB (3780 bytes)
Hash
5b5f0189c1948f02eb830e159946889e
b8cc8fa54058a613c29d355d432f967390dfdf6b
63e479c4b1297ac1553593205650af172e1225447a9b8a1faac306d5d496942f

HTTP Headers

GET /ests/2.1.7362.11/content/cdnbundles/watson.min.js HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 3780
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-MD5: W18BicGUjwLrgw4VmUaIng==
Last-Modified: Sat, 18 May 2019 15:11:58 GMT
Cache-Control: public, max-age=83507
Date: Wed, 01 Feb 2023 13:32:13 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *

www.attemplate.com/Content/newSignInFiles/0-small.jpg

13.107.237.53

200 OK

1.0 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/0-small.jpg
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.13], baseline, precision 8, 50x28, components 3\012- data
Size
1.0 kB (1029 bytes)
Hash
12f4b8b543125cc986c79cd85320812f
e3142c687fe873e1a6a7d29016c7a451b8a2850f
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b

HTTP Headers

GET /Content/newSignInFiles/0-small.jpg HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1029
content-type: image/jpeg
last-modified: Wed, 25 Jan 2023 10:28:33 GMT
accept-ranges: bytes
etag: "1d930a7c6601a85"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03WnaYwAAAADQL4OLC1HVQ5HGE2pCbwxcQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:13 GMT
X-Firefox-Spdy: h2

www.attemplate.com/common/handlers/watson

13.107.237.53

500 Internal Server Error

21 kB

URL HTTP/2
www.attemplate.com/common/handlers/watson
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
21 kB (21444 bytes)
Hash
4c79a8059d65f3b34c67715c0e5ea708
82a9382c7b1d0cd41c92e99957f9fefd9deca6f8
a0967cc373b61d627813ebc2cd7b2658c8cbea504290d7982836732a7229cf03

HTTP Headers

POST /common/handlers/watson HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
canary: AQABAAAAAABHh4kmS_aKT5XrjzxRAtHzByAOmM8fpkvKw4pmLXe2B2zfR-dGJC7ZE_XiwLESgQono13jEoEudwaFfYbS-zBQP_Yi900yDXGDchlib2yXwFr4wifGHsKFmuBZ24Vjx8EyYALwzY3Ze9ETm_Pz1oKKoj5UyomNUgTMpvsO69Jo0okaQRk6XPpCpTQb8OBC9Tb79u9Xq2bMD7wtNDvalpa7j8x2WH64BMJpMNSQjMBGACAA
hpgid: 1104
hpgact: 1800
client-request-id: 72b50326-20c5-494b-941d-6db76a881875
X-Requested-With: XMLHttpRequest
Content-Length: 3833
Origin: https://www.attemplate.com
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03WnaYwAAAAADmaM4S7EFT6KoGs6WUoARQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:13 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/prefetch.html

13.107.237.53

200 OK

1.8 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch.html
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.8 kB (1756 bytes)
Hash
a9661376c6d3c89c6448e8efdce7fcfe
5f861ddc8c0d18fc4f1ad6f04a1232504b0e3f27
c7972543b426a4ea331b3de94b4c29071d2b69ec5b2616b7af195c5cf531e72f

HTTP Headers

GET /Content/newSignInFiles/prefetch.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1756
content-type: text/html
last-modified: Fri, 27 Jan 2023 05:10:39 GMT
accept-ranges: bytes
etag: "1d9320db236375c"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03WnaYwAAAABk6NEcsaCeRoZNcsQy2Mn9Q1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:14 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css

13.107.237.53

200 OK

42 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/staticStylesFluent.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (42370), with no line terminators
Size
42 kB (42370 bytes)
Hash
91eabe9f6d879f4ca72b65493213bd68
0f6815e186b3c08e4e4aa3105282db2588c9dd33
3e17954a96ef8fdab6b6c32b08452a5e555f3c95a3ac691913542b54198c3dc5

HTTP Headers

GET /Content/newSignInFiles/staticStylesFluent.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 42370
content-type: text/css
last-modified: Thu, 26 Jan 2023 04:06:41 GMT
accept-ranges: bytes
etag: "1d9313b982cbb02"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAACSUSfpP3WKRapYrx9QWsPWQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:14 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/share.html

13.107.237.53

200 OK

61 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/share.html
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (34636), with CRLF line terminators
Size
61 kB (61050 bytes)
Hash
9a3bb6d1929df442683d0042a4da4736
f40f88e9c5043f43ce176313738f0242bc741ddb
1f2052b393bc87d22c4320ac95cfa8e0e0b5e6e505be6e49c9b8158df02ff1be

HTTP Headers

GET /Content/newSignInFiles/share.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 61050
content-type: text/html
last-modified: Fri, 27 Jan 2023 04:50:25 GMT
accept-ranges: bytes
etag: "1d9320ade9c90fa"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAAC7a/v/FwThRKpn983hipQwQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:14 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/prefetch_1.html

13.107.237.53

200 OK

3.4 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/prefetch_1.html
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1188), with CRLF line terminators
Size
3.4 kB (3401 bytes)
Hash
64a497444d32ffc563f0acb028a00add
0128ccd7f2db9cad212bbad9604fbf375fd6e9d2
b3ed53e1ec89c55f0ad6f8241900b6fb06c8538158ae386ad18666942a6c1180

HTTP Headers

GET /Content/newSignInFiles/prefetch_1.html HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 3401
content-type: text/html
last-modified: Mon, 30 Jan 2023 05:51:25 GMT
accept-ranges: bytes
etag: "1d9346ee36161c9"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAAA2ScuN9HHQSZKh1ZpaJ+GsQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:14 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css

13.107.237.53

200 OK

7.6 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (7604), with no line terminators
Size
7.6 kB (7604 bytes)
Hash
e9ba472d2ddb09fb3ec536dc240b1976
99daf55408b077f6f56daaf6cae4e54dc0fc0cfa
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 7604
content-type: text/css
last-modified: Mon, 30 Jan 2023 04:15:17 GMT
accept-ranges: bytes
etag: "1d9346175626534"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 032naYwAAAACQ5b6a/NzNQpsI9LuYa6VfQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png

13.107.237.53

200 OK

17 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sprite1.mouse.png
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16664 bytes)
Hash
2835f067dcf4c8a12464856267ca8ff7
ab0a6ccd3932d913314b1ff617f236750781a835
4b5cc3fed2c03c158abc3634c1f7700079fbc1e6183aa5e47a2064cfed87977c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /Content/newSignInFiles/sprite1.mouse.png HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 16664
content-type: image/png
last-modified: Mon, 30 Jan 2023 04:37:11 GMT
accept-ranges: bytes
etag: "1d934648496b498"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 032naYwAAAAAsDL8CB17jQq3IMOJ3cVkaQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js

13.107.237.53

200 OK

658 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.2.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
658 kB (658229 bytes)
Hash
4b4b962b7bcb6374b576fb44fb24a871
d8dcadb5752a2549f8321ac022edb6be3c7ca51f
f5ea68a1c0bb90325f9a53432026888725dacc91574702856db1d628c3f9c5df

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.2.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658229
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:02:57 GMT
accept-ranges: bytes
etag: "1d9320c9edc9db5"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 032naYwAAAADuBw4tZ2InQKvyiwtrygtjQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js

13.107.237.53

200 OK

1.3 MB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare-deca58ee.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (52526), with CRLF line terminators
Size
1.3 MB (1267037 bytes)
Hash
36e4d5260114c1c0aaaf543f60242abe
216bb5e7b2d7b3ea2fa94be5bd0daaa8420d9294
23f0ff28cbffa80317fd222cb6b7857cfd2075be3bccebfac2cbc97ad1747da6

HTTP Headers

GET /Content/newSignInFiles/odbshare-deca58ee.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 1267037
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 11:00:37 GMT
accept-ranges: bytes
etag: "1d930ac41386ddd"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAADH1bR7fk2HRL45/AWRlp4VQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:14 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js

13.107.237.53

200 OK

55 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/odbshare.resx-30cb8c0f.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54840), with no line terminators
Size
55 kB (54846 bytes)
Hash
30cb8c0f0121ecf0d7e72f25e99db372
d5569b73a452b935da0394cda601ef83e69e5361
df5b5ebcb8f62fb2e24b77c57d71f02f98705370ccad457e4ca214975ab77498

HTTP Headers

GET /Content/newSignInFiles/odbshare.resx-30cb8c0f.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 54846
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 04:50:25 GMT
accept-ranges: bytes
etag: "1d9320ade9ca8be"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAAAdpdW7bPFPSIQYnJqAWPqMQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/react-e173c92e.js

13.107.237.53

200 OK

151 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/react-e173c92e.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
151 kB (150787 bytes)
Hash
e173c92e0f5b1f151fb56b251cacbc39
5a2ecc596693c47856d22c7f240c9b9568bb96a0
66bcaf33e9ff0218ddd697bfcc5067e10840ae8055f271dcf7d5a37ade6ee22f

HTTP Headers

GET /Content/newSignInFiles/react-e173c92e.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 150787
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 05:39:26 GMT
accept-ranges: bytes
etag: "1d9346d36d0f603"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAAAyi4iE//dcSJU185VcI6yTQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js

13.107.237.53

200 OK

66 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/knockout-b324ae36.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (59466), with CRLF line terminators
Size
66 kB (65592 bytes)
Hash
1fe900de2fc85937b8fd66b912d5ec98
1aa37910ecec33bee345da74cd5ee50feb85fbe1
5052bc6222b5c7990b21575a67fbeb1396e550fb03d11b86c9bc96dbb8a9e4e7

HTTP Headers

GET /Content/newSignInFiles/knockout-b324ae36.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.attemplate.com/Content/newSignInFiles/share.html
Connection: keep-alive
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 65592
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 06:09:41 GMT
accept-ranges: bytes
etag: "1d9347170a4c0b8"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAAATiA7ZVs3YQb85J1n0B6EaQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css

13.107.237.53

200 OK

81 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/sharedFontStyles.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
81 kB (80753 bytes)
Hash
f2b550ccd5342b303f228c6c21b75a5a
1f0d44968065c0e7c6c94c48b64df85fd87319ee
0365a3907c20a89c185786deb53076a06d0c823926153a46d534359e05b3fd94

HTTP Headers

GET /Content/newSignInFiles/sharedFontStyles.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 80753
content-type: text/css
last-modified: Fri, 27 Jan 2023 05:17:46 GMT
accept-ranges: bytes
etag: "1d9320eb0b80271"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 03mnaYwAAAADTUScgJTJoRIvZLu8yyg7VQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js

13.107.237.53

200 OK

659 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.0.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59852), with CRLF line terminators
Size
659 kB (658812 bytes)
Hash
ddbd3e0172d580dce1d5037ac1b7df8b
182379569666d07d0505621be9d8e1b32353bd8e
7a321e19122b4aea06314fc09e75cf19e37d4ba61e6e315371987ac895e806ce

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.0.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 658812
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 04:50:25 GMT
accept-ranges: bytes
etag: "1d9320ade9673fc"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 032naYwAAAAC+8JsnByW8RIB77W81ENqfQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js

13.107.237.53

200 OK

655 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.1.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
655 kB (655420 bytes)
Hash
6a959bbef782c384e9bc59b6ca8985f5
6ff91ca8fc691f7ae420d6ee41b5172b08968f3f
eccbfcf674637944b0ad6c956e8a1210838158a3fa589d9d3752bc667ecfb09b

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.1.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 655420
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:10:39 GMT
accept-ranges: bytes
etag: "1d9320db23c31bc"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 032naYwAAAAAnu+W/Jj/HSJwUaqqmbMYwQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css

13.107.237.53

200 OK

232 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.mouse.css
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
232 kB (232377 bytes)
Hash
48fc1595ceb5f14fd150e4c303231a66
cfea5fe8e941a3b54c37362e21b2f64969d51bb0
1be30cb9303e429a65d50bfa98d279c803256485836027d99b4b195b7fcd9f69

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.mouse.css HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 232377
content-type: text/css
last-modified: Mon, 30 Jan 2023 04:05:03 GMT
accept-ranges: bytes
etag: "1d93460076a0a39"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 032naYwAAAABwXKRugWq9SKTf4BZAPsOrQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js

13.107.237.53

200 OK

656 kB

URL HTTP/2
www.attemplate.com/Content/newSignInFiles/boot.worldwide.3.mouse.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65339), with CRLF line terminators
Size
656 kB (656278 bytes)
Hash
97c5f8fff487304a9482b1bc49cc0d01
4e2f7c2efef5e2eb974e42c75add4c5fe62bc3f6
09b52730dfeb19700920e33d3a12060ec2c78ccb62b7336a22a3d39fb07674a5

HTTP Headers

GET /Content/newSignInFiles/boot.worldwide.3.mouse.js HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/Content/newSignInFiles/prefetch_1.html
Cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 656278
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 05:17:43 GMT
accept-ranges: bytes
etag: "1d9320eaee57616"
request-context: appId=
strict-transport-security: max-age=2592000
x-cache: CONFIG_NOCACHE
x-azure-ref: 032naYwAAAABP1lYlvWBsSKTP88SO1lR8Q1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:15 GMT
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
a104fffb4c4533a46871ef6bc48489b2
3930d6b6e1671a6ba6c4437009d97f45daf4b149
4d4be245008f712a157350b82cddd9ca96f68b0d96b13f5b7ce673f2c42fc68f

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:09 GMT
Last-Modified: Tue, 31 Jan 2023 14:14:09 GMT
ETag: "4d4be245008f712a157350b82cddd9ca96f68b0d96b13f5b7ce673f2c42fc68f"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 70B3A26A730949AAA6B3AABE3E1517EE Ref B: OSL30EDGE0510 Ref C: 2023-02-01T13:32:18Z
Date: Wed, 01 Feb 2023 13:32:17 GMT

www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm

13.107.237.53

200 OK

29 kB

URL HTTP/2
www.attemplate.com/nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
29 kB (29049 bytes)
Hash
260dab566efc0bea20016d4c530d592d
3689725d5d256429a1c00075cdd63ada4eb80dff
92f9e017b28769b557e2dce888577e8e687a62fa16c356beb1d0ca8868b4036f

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /nam/ae5b7749-9cf6-4462-87d2-968f84423e47/fe2bd7cf-1e2f-4fce-a0f0-2077f060a4dd/00399d01-229f-489d-8a73-d250721e3979/login?id=a2dTd1NHM1poNUlZcUwreis2ZFRXR3JiMlUxekJKOEt6TXg3SE5LSEMxQWZMMG03cGZ1a0lMdTNCZndOM09iT3ZZTkVXMmFPQ0xRam1QQmtKR3JWbFhQbWJ6WjRwai9YYXJ2UEIxYitCLzNHK04xV2Q2QWFjZmFLaUcvbmxhejkrZHY1NVM4QkRxV2F3ampYaXQrUWNkLzQvVzlVcTZVK2tKalNxaG1Ic2t4MERMRzBwaWtsVDRVbk95dUd3RW1NeWlxMXA5TC8rVmMvMk1XdU5GVHNtSm55SHZaWCtPcmpWekNCZVFER1VudVhydXhYdGVFY01URDRWcFIrYXdnYWc1cGU0WkJpR2NkVTRLUUNib3JVbFlVR3ZsOUdQOUdaMTIvQmF2TmVzUUM4VUgzdG1oVGE4YTdreVBWaUo3NERUL1ZkY2hUNllhOStkMmxNbEhFQjdoT0cwSzlURmllQ3dpbjk2MlNiczYrNlBCM0pXWVlGQnVTK3Buc29kZHdm HTTP/1.1
Host: www.attemplate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: .AspNetCore.Antiforgery.UWcjZIvSIrw=CfDJ8CtHQyWPj91Ekil1lfsX_LzfRBNiyp0P8yhIfS2goErjF0nDLrCtljIbRTRMtxbRQvym7X7IWW337UmFpJNNjeVbsqU79U_O2WOmkicbzUpdCrB62GPQ6zhtctMlNl8OPk7DiaMf0it3oIHNLk3aJ04; path=/; samesite=strict; httponly
request-context: appId=
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-cache: CONFIG_NOCACHE
x-azure-ref: 02WnaYwAAAADyUAjo/tNTRpJEFQfGkFWdQ1BIMzBFREdFMDQwOQAyMDQ2ODBkMy1lN2MyLTRjZTktOGNlNy00ZGJmZWExY2VjODA=
date: Wed, 01 Feb 2023 13:32:10 GMT
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
a0cf5df2b09d09762a96cc26321ab2a5
8665058404b6fcab679fda4c0aea2cfa26765a69
93e6434c68f1e6388ba99ba14eebf093ddfcb7f033b97c3e3539d3eb0a8732e8

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:09 GMT
Last-Modified: Tue, 31 Jan 2023 14:14:09 GMT
ETag: "93e6434c68f1e6388ba99ba14eebf093ddfcb7f033b97c3e3539d3eb0a8732e8"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: BF80F9836142444499D37C9D29E334B6 Ref B: OSL30EDGE0509 Ref C: 2023-02-01T13:32:18Z
Date: Wed, 01 Feb 2023 13:32:18 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
a104fffb4c4533a46871ef6bc48489b2
3930d6b6e1671a6ba6c4437009d97f45daf4b149
4d4be245008f712a157350b82cddd9ca96f68b0d96b13f5b7ce673f2c42fc68f

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:09 GMT
Last-Modified: Tue, 31 Jan 2023 14:14:09 GMT
ETag: "4d4be245008f712a157350b82cddd9ca96f68b0d96b13f5b7ce673f2c42fc68f"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 0975A043C9EA4FDAABB1697517947394 Ref B: OSL30EDGE0521 Ref C: 2023-02-01T13:32:18Z
Date: Wed, 01 Feb 2023 13:32:17 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
8740ad683c29942b0ecbf5f146e6171c
87598a6ecf95c235bf1f77f2da2c8341f39d7578
7f2ad6c0c9a847e5cd45f97a521aa866c0b2ca254397b212320f3ee6088a0831

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 15:50:09 GMT
Last-Modified: Tue, 31 Jan 2023 14:14:09 GMT
ETag: "7f2ad6c0c9a847e5cd45f97a521aa866c0b2ca254397b212320f3ee6088a0831"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 5F5A45EA46A54E44BC9C6616E08228AC Ref B: OSL30EDGE0110 Ref C: 2023-02-01T13:32:18Z
Date: Wed, 01 Feb 2023 13:32:17 GMT

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js

95.101.10.208

200 OK

178 kB

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js
IP
95.101.10.208:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (59852), with CRLF line terminators
Size
178 kB (178168 bytes)
Hash
766d8b9b12b91afafe8e4acd88b189a0
2d521e0d6078ef684ae221170e0fa983e1d44760
88d8843e944d171335d8b95a11adadc743923d629c1db108178a642920bb9c7c

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.0.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 178168
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 13:32:18 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js

95.101.10.208

200 OK

0 B

URL HTTP/2
r4.res.office365.com/owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js
IP
95.101.10.208:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /owa/prem/16.2170.8.2502626/scripts/boot.worldwide.2.mouse.js HTTP/1.1
Host: r4.res.office365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.attemplate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
last-modified: Thu, 01 Mar 2018 22:03:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 169086
cache-control: public,max-age=630720000, s-maxage=630720000
date: Wed, 01 Feb 2023 13:32:18 GMT
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML