s3.fr-par.scw.cloud Open in urlscan Pro
2001:bc8:10::7  Malicious Activity! Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response s3.fr-par.scw.cloud/pnhb.huuuattt/	237 KB 237 KB	196ms 133ms	Document text/html	2001:bc8:10::7 Online SAS
General Check archive.org Show headers Download Go to Full URL https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:bc8:10::7 , France, ASN12876 (Online SAS, FR), Reverse DNS Software / Resource Hash 9aec75411569df3d0372dbcd3f478382cb0b0a4e0380692727f8d2151fff02fa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers accept-ranges bytes content-length 242251 content-type text/html date Fri, 07 Oct 2022 14:33:57 GMT etag "4163bb98b92436fe6b6731237eed8808" last-modified Sun, 02 Oct 2022 09:15:32 GMT x-amz-id-2 tx782a19d26ab141edb46bf-00634038d5 x-amz-request-id tx782a19d26ab141edb46bf-00634038d5 x-amz-version-id 1664702132050255
GET H/1.1	200 OK	att_common.js Show response signin-static-js.att.com/scripts/	427 KB 249 KB	910ms 159ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/scripts/att_common.js?apg Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash c2eb39ee130a5b2f8fc823f8bfa06f527bc9708f024ed5b9904e23039fd1f086 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:58 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload age 2655 transfer-encoding chunked iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache last-modified Thu, 01 Sep 2022 03:51:39 GMT vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 access-control-allow-origin https://signin.att.com cache-control no-cache, no-store, must-revalidate accept-ranges bytes expires 0
GET H2	200	detm-container-hdr.js Show response www.att.com/scripts/adobe/prod/	106 KB 30 KB	182ms 61ms	Script application/x-javascript	2a02:26f0:1700:393::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/adobe/prod/detm-container-hdr.js Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:393::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 8d4525f9eee48caf23f5ad073371667114500e8a4f253f888044b585c2421ff1 Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:57 GMT content-encoding gzip strict-transport-security max-age=15768000 ; preload last-modified Thu, 06 Oct 2022 00:07:57 GMT server AkamaiNetStorage etag "65a6adba2e388a7dae6336a32064e957:1665014877.081658" vary Accept-Encoding content-type application/x-javascript cache-control no-cache, private, max-age=7776000 server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes aka-global-request-id-uxtime 0.056656b8.1665153237.21dde023 content-length 30014
GET H2	200	quantum-att-loader.js Show response cdn.quantummetric.com/loaders/	2 KB 946 B	195ms 144ms	Script application/javascript	2606:4700:10::6816:35fc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.quantummetric.com/loaders/quantum-att-loader.js Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 026ec02eb6b28985ccbd45ee015a8dd502b57d47f00b7269ac5601d3c278544f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status EXPIRED last-modified Wed, 20 Jul 2022 16:12:49 GMT server cloudflare etag W/"7e8-1821c62217d" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 cf-ray 75675ae01e0f999c-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	att_common.js Show response signin-static-js.att.com/scripts/	236 KB 137 KB	755ms 121ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/scripts/att_common.js Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 917a54c6e271504356ce865326e43a0b31a211ed3700e25354b05fad27ff9155 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Fri, 07 Oct 2022 14:33:58 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload transfer-encoding chunked x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 p3p CP="NON CUR OTPi OUR NOR UNI" iam_on 99 cache-control no-cache, no-store, must-revalidate expires 0
GET H/1.1	200 OK	timeout.js Show response signin.att.com/static/siam/en/halo_c/timeout_redirect/	1 KB 851 B	603ms 115ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/timeout_redirect/timeout.js?v=15.5.3 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 83f5ed17f46cd4448a02c705214a95e869ecb411c8ea95e1256593c75e178e56 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:58 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "430-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on 99 accept-ranges bytes apser p770
GET H/1.1	200 OK	styles.css signin.att.com/static/siam/en/halo_c/halo-c-login/	154 KB 33 KB	599ms 118ms	Stylesheet text/css	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash db8f928b76604c3c3411437b6df8dcd9017c21758430804a9f2db77f2ae88ffc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:58 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "268b5-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type text/css access-control-allow-origin * iam_on 99 accept-ranges bytes apser p775
GET H2	200	quantum-att.js Show response cdn.quantummetric.com/qscripts/	638 KB 133 KB	88ms 38ms	Script text/javascript	2606:4700:10::6816:35fc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.quantummetric.com/qscripts/quantum-att.js Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 355eea3dbc229cc8aae696f8d02d8401f1f0940ebf8f6bee1453a38085c747c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT server cloudflare age 183 etag W/"166509001717916595497553821665129602810" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600 cf-ray 75675ae01e11999c-CDG access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ssaf-uc.js Show response www.att.com/scripts/ssaf_universal_client/prod/	110 KB 22 KB	92ms 90ms	Script application/x-javascript	2a02:26f0:1700:393::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:393::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash c35c9374b358b069d197d55865a092b7ff2e60bcc0830af921b2c887ad66d95e Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT content-encoding br strict-transport-security max-age=15768000 ; preload last-modified Thu, 06 Oct 2022 03:49:40 GMT server Akamai Resource Optimizer etag "dbd1ab8cacd168d888a2613264899a33:1665027965.747286" content-type application/x-javascript cache-control max-age=3600 aka-global-request-id-uxtime 0.1cf10f17.1665028177.339427e, 0.056656b8.1665153239.21ddf2d5 accept-ranges bytes server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 21771
GET H2	200	json Show response fls.doubleclick.net/	40 B 719 B	133ms 52ms	Script text/javascript	142.250.186.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fls.doubleclick.net/json?spot=6100125&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1661763704441 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f6.1e100.net Software cafe / Resource Hash e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:57 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60 x-xss-protection 0 pragma no-cache server cafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	94ms 52ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:57 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 209997 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyxPNePbSCkn6FhyQPAgmIMEItjeD1bAcDtC21mWlq3c8kb7UJfBAFDhfwS24079HvldbOcuPXUplJeQmFwgFeDZ0%2FLEtwKbf7H8l%2Fsrjy5iVn5ftWDiNbKeZLscx4S2TdWU9ZO2MgVYZFxfff8OQgfr"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 75675ad86e6bf1ac-CDG expires Wed, 27 Sep 2023 14:33:57 GMT
GET H/1.1	200 OK	att-logo.svg signin.att.com/static/siam/en/halo_c/images/logos/	8 KB 9 KB	117ms 115ms	Image image/svg+xml	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://signin.att.com/static/siam/en/halo_c/images/logos/att-logo.svg Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "20b1-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * content-type image/svg+xml accept-ranges bytes apser p770 content-length 8369
GET H/1.1	200 OK	red-error-icon.svg signin.att.com/static/siam/en/halo_c/cms/login/default/images/	566 B 962 B	117ms 116ms	Image image/svg+xml	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://signin.att.com/static/siam/en/halo_c/cms/login/default/images/red-error-icon.svg Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 9b8659596c575886c9202ec3a8506949e69140b50818ca4fc1e58494f3d4e8c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "236-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * content-type image/svg+xml accept-ranges bytes apser p767 content-length 566
GET H/1.1	200 OK	checkmark.svg signin.att.com/static/siam/en/halo_c/cms/login/default/images/	350 B 746 B	234ms 115ms	Image image/svg+xml	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://signin.att.com/static/siam/en/halo_c/cms/login/default/images/checkmark.svg Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "15e-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * content-type image/svg+xml accept-ranges bytes apser p775 content-length 350
GET H2	200	jquery-3.3.1.js Show response code.jquery.com/	265 KB 79 KB	75ms 24ms	Script application/javascript	2001:4de0:ac18::1:a:1b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.js Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Request headers Referer https://s3.fr-par.scw.cloud/ Origin https://s3.fr-par.scw.cloud accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:58 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-42587" vary Accept-Encoding x-hw 1665153238.dop044.pa1.t,1665153238.cds235.pa1.hn,1665153238.cds228.pa1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 80268
GET H/1.1	200 OK	polyfills.js Show response signin.att.com/static/siam/en/halo_c/halo-c-login/	45 KB 17 KB	233ms 114ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/polyfills.js?v=15.5.3 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 782dc57d3fddeb4879f5a973d631b4054fad736cd729d5c3a004609cf1271266 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "b387-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on 99 accept-ranges bytes apser p771
GET H/1.1	200 OK	vendor.js Show response signin.att.com/static/siam/en/halo_c/halo-c-login/	489 KB 163 KB	348ms 121ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/vendor.js?v=15.5.3 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 8632be4d936a6b44250274c9663562a4a734b4690ae8b19f3a78e3cc4b9399a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "7a4ca-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on 99 accept-ranges bytes apser p771
GET H/1.1	200 OK	main.js Show response signin.att.com/static/siam/en/halo_c/halo-c-login/	115 KB 31 KB	353ms 122ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/main.js?v=15.5.3 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 03d188255a6f1b49c8aabe7174fc431642965f906a9be9ea9efab3c202c1b080 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "1cdb3-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on 99 accept-ranges bytes apser p775
GET H2	200	detm-container-ftr.js Show response www.att.com/scripts/adobe/prod/	666 B 745 B	119ms 116ms	Script application/x-javascript	2a02:26f0:1700:393::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/adobe/prod/detm-container-ftr.js Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:393::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 43f774da83292822f54305d69e01286ca018b6f3f0fe86250451ad93d9252f9c Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT content-encoding gzip strict-transport-security max-age=15768000 ; preload last-modified Fri, 30 Jul 2021 00:16:43 GMT server AkamaiNetStorage etag "d5c61c3be97b0718b3548d0ec26dc0ef:1627604203.48042" vary Accept-Encoding content-type application/x-javascript cache-control no-cache, private, max-age=7776000 aka-global-request-id-uxtime 0.3533ca17.1665079898.30264d9, 0.056656b8.1665153239.21ddf24b accept-ranges bytes server-timing cdn-cache; desc=HIT, edge; dur=61 content-length 368
GET H2	200	mbox-contents.js Show response www.att.com/scripts/adobe/prod/	110 KB 36 KB	53ms 53ms	Script application/x-javascript	2a02:26f0:1700:393::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/adobe/prod/mbox-contents.js Requested by Host: www.att.com URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:393::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 15d70dd6d2024b7cc2925bcd47aad1a429b08042ebcc15364004c0c887f719d6 Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers Referer https://s3.fr-par.scw.cloud/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 07 Oct 2022 14:33:58 GMT content-encoding gzip strict-transport-security max-age=15768000 ; preload last-modified Wed, 20 Jul 2022 23:59:28 GMT server AkamaiNetStorage etag "5d7d69dc820bd519c4643e02a89c66d9:1658361568.37808" vary Accept-Encoding content-type application/x-javascript cache-control no-cache, private, max-age=7776000 aka-global-request-id-uxtime 0.4633ca17.1665079898.2d61bf1, 0.056656b8.1665153238.21dde1ed accept-ranges bytes server-timing cdn-cache; desc=HIT, edge; dur=7 content-length 36239 expires Sun, 06 Nov 2022 14:33:58 GMT
GET H/1.1	200 OK	att_common.js Show response signin-static-js.att.com/scripts/	427 KB 249 KB	381ms 150ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/scripts/att_common.js?apg Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash c2eb39ee130a5b2f8fc823f8bfa06f527bc9708f024ed5b9904e23039fd1f086 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload age 1614 transfer-encoding chunked iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" x-envoy-upstream-service-time 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache last-modified Thu, 01 Sep 2022 03:51:39 GMT vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 access-control-allow-origin https://signin.att.com cache-control no-cache, no-store, must-revalidate accept-ranges bytes expires 0
GET H/1.1	200 OK	ATTAleckSans_W_Rg.woff2 signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/	18 KB 18 KB	511ms 142ms	Font application/octet-stream	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Rg.woff2 Requested by Host: signin.att.com URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash e2740c7b209e33aca7176250d80f94b4924e5e5d18076ee3b95f32a0e20d1f58 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Origin https://s3.fr-par.scw.cloud accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "4830-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * accept-ranges bytes apser p775 content-length 18480
GET H/1.1	200 OK	ATTAleckSans_W_Md.woff2 signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/	19 KB 19 KB	500ms 132ms	Font application/octet-stream	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Md.woff2 Requested by Host: signin.att.com URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 59ea63b5ffe0f060e37c24a44b6406943df9e4fca39e2ef43023c2ae9783f220 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Origin https://s3.fr-par.scw.cloud accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "4c8c-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * accept-ranges bytes apser p770 content-length 19596
GET H2	200	json Show response fls.doubleclick.net/	40 B 357 B	56ms 56ms	Script text/javascript	142.250.186.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fls.doubleclick.net/json?spot=6100125&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1665153239123 Requested by Host: www.att.com URL: https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f6.1e100.net Software cafe / Resource Hash 121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://s3.fr-par.scw.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:33:59 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60 x-xss-protection 0 pragma no-cache server cafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	89 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	c3c2ce1d-a5b7-41b3-bb57-2ef0979b7a2a https://s3.fr-par.scw.cloud/	17 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://s3.fr-par.scw.cloud/c3c2ce1d-a5b7-41b3-bb57-2ef0979b7a2a Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Length 17224 Content-Type application/javascript
POST H/1.1	200 OK	dip Show response signin-static-js.att.com/__imp_apg__/api/dip/v1/	206 B 934 B	823ms 166ms	XHR text/html	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/__imp_apg__/api/dip/v1/dip Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 9ee1acc65ff8037c70f1c90140d05677db4ee77ee4d1572a9ed9522bc9363bda Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://s3.fr-par.scw.cloud/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Fri, 07 Oct 2022 14:34:01 GMT via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload vary Origin x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://s3.fr-par.scw.cloud iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 10 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206 expires 0
POST H/1.1	200 OK	/ Show response signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/	265 B 1 KB	870ms 208ms	Fetch text/plain	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js?apg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 085f11d8fd80e413917fe09c9e508d40e5f87269d769732266ea1281a946965d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept text/plain,*/*;q=0.9 Referer https://s3.fr-par.scw.cloud/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 content-type text/plain;charset=UTF-8 Response headers date Fri, 07 Oct 2022 14:34:01 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload transfer-encoding chunked iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache x-frame-options SAMEORIGIN access-control-allow-methods OPTIONS, GET, POST content-type text/plain; charset=UTF-8 access-control-allow-origin https://s3.fr-par.scw.cloud cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires 0
POST H2	200	/ Show response att-app.quantummetric.com/ Frame ADBF	90 B 431 B	398ms 127ms	XHR application/json	35.225.144.85 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fs3.fr-par.scw.cloud%2Fpnhb.huuuattt%2Findex.html&t=1665153240330&v=1665153240978&z=1&S=0&N=0&P=0 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-att.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.225.144.85 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 85.144.225.35.bc.googleusercontent.com Software nginx / Resource Hash 90141272b8a96c1312e73aeacde55a38353b1a654b287fb96b99a2b2b8fe4146 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers date Fri, 07 Oct 2022 14:34:01 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx vary Accept-Encoding content-type application/json access-control-allow-origin https://s3.fr-par.scw.cloud access-control-allow-credentials true
POST H2	200	/ Show response att-sync.quantummetric.com/ Frame ADBF	0 159 B	385ms 122ms	XHR application/json	35.238.154.230 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://att-sync.quantummetric.com/?T=B&u=https%3A%2F%2Fs3.fr-par.scw.cloud%2Fpnhb.huuuattt%2Findex.html&t=1665153240330&v=1665153240982&z=1&Q=1&Y=1&X=8fbe29125df445f1aa0ce83ebaac7dd3 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-att.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.238.154.230 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 230.154.238.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://s3.fr-par.scw.cloud date Fri, 07 Oct 2022 14:34:01 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true server nginx content-length 0 content-type application/json
GET H2	200	/ Show response att-app.quantummetric.com/ Frame ADBF	28 B 253 B	128ms 127ms	XHR application/json	35.225.144.85 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://att-app.quantummetric.com/?s=6482e4a111888985011de74b57b56fe0&H=310472b3a381b73a0a7d28a7&Q=3 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-att.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.225.144.85 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 85.144.225.35.bc.googleusercontent.com Software nginx / Resource Hash 12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Fri, 07 Oct 2022 14:34:01 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx vary Accept-Encoding content-type application/json access-control-allow-origin https://s3.fr-par.scw.cloud access-control-allow-credentials true
POST H/1.1	200 OK	fc09f351-c4e7-46dc-afb8-cd98de60285e Show response dynatrace.att.com/bf/	909 B 1 KB	353ms 104ms	XHR text/plain	20.72.123.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dynatrace.att.com/bf/fc09f351-c4e7-46dc-afb8-cd98de60285e?type=js3&sn=v_4_srv_-2D73_sn_RJIPVK8T796E1LAMH8J8I0163O8J1AL1&svrid=-73&flavor=cors&vi=CWOPEMMFBFUJGHCLCWUIAMMHUMPUREGE-0&modifiedSince=1651582451315&rf=https%3A%2F%2Fs3.fr-par.scw.cloud%2Fpnhb.huuuattt%2Findex.html&bp=3&app=52b8119d19be9235&crc=2098671531&en=910bdnkt&end=1 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.72.123.232 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2a5b7be28b3dd8199d42d206225d22e451d32c3204977bfe6848649d1c486c06 Request headers Referer https://s3.fr-par.scw.cloud/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://s3.fr-par.scw.cloud Date Fri, 07 Oct 2022 14:34:01 GMT Cache-Control no-cache Connection keep-alive Content-Length 909 Content-Type text/plain;charset=utf-8
POST H2	200	/ Show response att-app.quantummetric.com/ Frame ADBF	0 158 B	126ms 126ms	XHR application/json	35.225.144.85 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fs3.fr-par.scw.cloud%2Fpnhb.huuuattt%2Findex.html&t=1665153240330&v=1665153241524&H=310472b3a381b73a0a7d28a7&s=6482e4a111888985011de74b57b56fe0&U=df2b51c5657055eb6eb030790562a7a9&z=1&Q=2&S=0&N=0 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-att.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.225.144.85 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 85.144.225.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://s3.fr-par.scw.cloud date Fri, 07 Oct 2022 14:34:01 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true server nginx content-length 0 content-type application/json
POST H2	200	/ Show response att-app.quantummetric.com/ Frame ADBF	0 158 B	128ms 128ms	XHR application/json	35.225.144.85 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fs3.fr-par.scw.cloud%2Fpnhb.huuuattt%2Findex.html&t=1665153240330&v=1665153241720&H=310472b3a381b73a0a7d28a7&s=6482e4a111888985011de74b57b56fe0&z=1&S=923&N=2&P=1 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-att.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.225.144.85 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 85.144.225.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://s3.fr-par.scw.cloud date Fri, 07 Oct 2022 14:34:01 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true server nginx content-length 0 content-type application/json
POST H/1.1	200 OK	fc09f351-c4e7-46dc-afb8-cd98de60285e Show response dynatrace.att.com/bf/	207 B 431 B	105ms 105ms	XHR text/plain	20.72.123.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dynatrace.att.com/bf/fc09f351-c4e7-46dc-afb8-cd98de60285e?type=js3&sn=v_4_srv_18_sn_RJIPVK8T796E1LAMH8J8I0163O8J1AL1_app-3A52b8119d19be9235_1_ol_0_perc_100000_mul_1&svrid=18&flavor=cors&vi=CWOPEMMFBFUJGHCLCWUIAMMHUMPUREGE-0&modifiedSince=1665147261900&rf=https%3A%2F%2Fs3.fr-par.scw.cloud%2Fpnhb.huuuattt%2Findex.html&bp=3&app=52b8119d19be9235&crc=1032908953&en=910bdnkt&end=1 Requested by Host: s3.fr-par.scw.cloud URL: https://s3.fr-par.scw.cloud/pnhb.huuuattt/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.72.123.232 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d09b6a0a06208121b218859a8213f9af2b672a4b572c628e1fc7aa3bc5fd2350 Request headers Referer https://s3.fr-par.scw.cloud/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://s3.fr-par.scw.cloud Date Fri, 07 Oct 2022 14:34:03 GMT Cache-Control no-cache Connection keep-alive Content-Length 207 Content-Type text/plain;charset=utf-8
POST H/1.1	200 OK	/ Show response signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/	0 953 B	394ms 156ms	Fetch text/plain	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/?m Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js?apg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept text/plain,*/*;q=0.9 Referer https://s3.fr-par.scw.cloud/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 content-type text/plain;charset=UTF-8 Response headers date Fri, 07 Oct 2022 14:34:04 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload transfer-encoding chunked iam_on 99 p3p CP="NON CUR OTPi OUR NOR UNI" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache x-frame-options SAMEORIGIN access-control-allow-methods OPTIONS, GET, POST content-type text/plain; charset=UTF-8 access-control-allow-origin https://s3.fr-par.scw.cloud cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires 0

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dT_ object| dtrum string| detmScriptLoadType string| hcc string| mid string| adobe_mc number| ts string| href object| hcc_check undefined| analytics_app_visitor_id undefined| newurl undefined| halo_app_visitor_id object| detm_last_link_info function| isIE function| _pageLoadDetector function| _earlyAnalytics function| e boolean| disableAudienceManager object| visitor object| DataMappingInterface string| detm_tag_notification_key string| legacyModeKey string| retireDLKey object| scripts object| script string| src function| satelliteDetector function| scriptExecutor string| filesadded boolean| monecontwatched function| loadAdsFile function| injectHtmlTag function| executeMonetizationTagInjection function| injectMonetization function| iterateANConfigObj function| findAccurateConfig object| detmScriptLoaderConfig function| detmScriptLoader object| detmLoader boolean| AllowDelayedLoad function| dunBradstreet undefined| dnbvid undefined| andiPresent undefined| scriptFiles undefined| vameg object| earlyAnalytics object| chatAnalytics function| Visitor object| s_c_il number| s_c_in boolean| detmDisabled object| detmScriptExecutor function| detmDomainMapper object| detmTagControls string| path object| _satellite object| head_ab boolean| pageLoadFired function| targetView function| listAbVariants function| targetPageParams object| targetGlobalSettings function| ab$ function| ABJSFrameworkLibrary object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate string| AB_LOCATION_CHANGE string| sdidUrl object| timeoutJspVars object| HaloCTimeout object| s_3_Integrate_DFA_get_0 function| $ boolean| ‮saFelNds‭ function| detmExecuteFooter function| docReady object| ddo object| ssaf function| AnalyticsNotificationFramework function| QuantumMetricInstrumentationStart object| QuantumMetricAPI object| uc_dfa_val number| dfaSuccess function| qmflate function| _QuantumMetricSymbol number| ‮chXsmTds‭ boolean| qmIDPErrSet boolean| qmSetEvent501 boolean| qmSetEvent637 boolean| qmSetEvent759 boolean| qmSetEvent858 boolean| qmSetEvent1096 boolean| qmSetEvent2005 boolean| qm3377 boolean| qmSetEvent3483 boolean| qmSetEvent699 boolean| qm1141Set boolean| evaluation boolean| qm2069Set boolean| qm3162Set boolean| qm3197Set boolean| qmSet3322 boolean| qmSetEvent3422 boolean| qm3463Set boolean| qm3464Set boolean| qm3465Set boolean| qmSetEvent3586 boolean| qmSetEvent3606

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			s3.fr-par.scw.cloud/	1969-12-31 23:59:59	Name: rxVisitor Value: 16651532377600A9AC3S9IA0RE9A00PCRGL74694DNSKH
			s3.fr-par.scw.cloud/	1969-12-31 23:59:59	Name: dtLatC Value: 32
			.doubleclick.net/	1970-01-20 16:08:33	Name: IDE Value: AHWqTUnLyiEdvKIOJ1cKIumk9KKN-9FGAMSa3i7gcByLdthhhjzK9lkEZgJVqYGy318
			s3.fr-par.scw.cloud/	1969-12-31 23:59:59	Name: rxvt Value: 1665155040337|1665153237761
			s3.fr-par.scw.cloud/	1969-12-31 23:59:59	Name: dtPC Value: -73$153237757_670h-vCWOPEMMFBFUJGHCLCWUIAMMHUMPUREGE-0e0
			att-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: 6482e4a111888985011de74b57b56fe0
			att-app.quantummetric.com/	1970-01-20 15:18:09	Name: U Value: df2b51c5657055eb6eb030790562a7a9
			s3.fr-par.scw.cloud/	1970-01-20 06:32:35	Name: QuantumMetricSessionID Value: 6482e4a111888985011de74b57b56fe0
			s3.fr-par.scw.cloud/	1970-01-20 15:18:09	Name: QuantumMetricUserID Value: df2b51c5657055eb6eb030790562a7a9
			s3.fr-par.scw.cloud/	1970-01-20 15:18:09	Name: _imp_di_pc_ Value: Adk4QGMAAAAAZmiB9Y9wmxlTSa0ORCMm
			s3.fr-par.scw.cloud/	1970-01-20 07:15:45	Name: _imp_apg_r_ Value: %7B%22_fr%22%3A20000%2C%22diA%22%3A%22Adk4QGMAAAAAZmiB9Y9wmxlTSa0ORCMm%22%2C%22diB%22%3A%22AR9vQKi%2F0yll8lRnl6ugx4RtVg3VceSv%22%2C%22fr%22%3A%22rvKyZfWc4eCSsxuLo3B6lQ%3D%3DtFItj6B9582XD7IxS4WUqdtpkDRrMUJK3FfoS9LFuTPXMFWveQ4f9nSm587P77Sn5aGsJ_waAiP6KfBv2Vmd3RlYke07vas5tS1GVKGcwOeRfiKPEJbaWpfbbR0oYlHMcrD1LPMNpJqDL2nIeqt-Cj5QmIdjp1lmD0o4-eiM6EuNM7S9QTl3rek3%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VQDPCc6h2i0XkH9Uo%3D%22%7D
			s3.fr-par.scw.cloud/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_18_sn_RJIPVK8T796E1LAMH8J8I0163O8J1AL1_app-3A52b8119d19be9235_1_ol_0_perc_100000_mul_1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.att.com/scripts/adobe/prod/mbox-contents.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.att.com/scripts/adobe/prod/mbox-contents.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering	warning	URL: https://signin-static-js.att.com/scripts/att_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://signin-static-js.att.com/scripts/att_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

att-app.quantummetric.com
att-sync.quantummetric.com
cdn.quantummetric.com
cdnjs.cloudflare.com
code.jquery.com
dynatrace.att.com
fls.doubleclick.net
s3.fr-par.scw.cloud
signin-static-js.att.com
signin.att.com
www.att.com
142.250.186.134
144.160.19.173
20.72.123.232
2001:4de0:ac18::1:a:1b
2001:bc8:10::7
2606:4700:10::6816:35fc
2606:4700::6811:190e
2a02:26f0:1700:393::2db1
35.225.144.85
35.238.154.230
026ec02eb6b28985ccbd45ee015a8dd502b57d47f00b7269ac5601d3c278544f
03d188255a6f1b49c8aabe7174fc431642965f906a9be9ea9efab3c202c1b080
085f11d8fd80e413917fe09c9e508d40e5f87269d769732266ea1281a946965d
121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
15d70dd6d2024b7cc2925bcd47aad1a429b08042ebcc15364004c0c887f719d6
2a5b7be28b3dd8199d42d206225d22e451d32c3204977bfe6848649d1c486c06
355eea3dbc229cc8aae696f8d02d8401f1f0940ebf8f6bee1453a38085c747c2
43f774da83292822f54305d69e01286ca018b6f3f0fe86250451ad93d9252f9c
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
59ea63b5ffe0f060e37c24a44b6406943df9e4fca39e2ef43023c2ae9783f220
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8
782dc57d3fddeb4879f5a973d631b4054fad736cd729d5c3a004609cf1271266
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83f5ed17f46cd4448a02c705214a95e869ecb411c8ea95e1256593c75e178e56
8632be4d936a6b44250274c9663562a4a734b4690ae8b19f3a78e3cc4b9399a2
8d4525f9eee48caf23f5ad073371667114500e8a4f253f888044b585c2421ff1
90141272b8a96c1312e73aeacde55a38353b1a654b287fb96b99a2b2b8fe4146
917a54c6e271504356ce865326e43a0b31a211ed3700e25354b05fad27ff9155
9aec75411569df3d0372dbcd3f478382cb0b0a4e0380692727f8d2151fff02fa
9b8659596c575886c9202ec3a8506949e69140b50818ca4fc1e58494f3d4e8c9
9ee1acc65ff8037c70f1c90140d05677db4ee77ee4d1572a9ed9522bc9363bda
b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a
c2eb39ee130a5b2f8fc823f8bfa06f527bc9708f024ed5b9904e23039fd1f086
c35c9374b358b069d197d55865a092b7ff2e60bcc0830af921b2c887ad66d95e
d09b6a0a06208121b218859a8213f9af2b672a4b572c628e1fc7aa3bc5fd2350
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
db8f928b76604c3c3411437b6df8dcd9017c21758430804a9f2db77f2ae88ffc
e2740c7b209e33aca7176250d80f94b4924e5e5d18076ee3b95f32a0e20d1f58
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855