URL: http://acter.org.co/At&t/att.php
Submission Tags: phishing
Submission: On February 13 via api from AU

Summary

This website contacted 9 IPs in 2 countries across 4 domains to perform 34 HTTP transactions. The main IP is 199.250.218.2, located in United States and belongs to IMH-IAD, US. The main domain is acter.org.co.
This is the only time acter.org.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 199.250.218.2 54641 (IMH-IAD)
6 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 142.250.186.102 15169 (GOOGLE)
14 144.161.77.234 797 (AMERITECH-AS)
6 35.223.197.217 15169 (GOOGLE)
1 35.188.210.33 15169 (GOOGLE)
2 144.161.77.194 797 (AMERITECH-AS)
34 9
Domain Requested by
13 signin.att.com acter.org.co, signin.att.com
6 att-app.quantummetric.com cdn.quantummetric.com
6 www.att.com acter.org.co
2 managed.att.com acter.org.co
2 fls.doubleclick.net acter.org.co, www.att.com
1 att-sync.quantummetric.com cdn.quantummetric.com
1 signin-static-js.att.com acter.org.co
1 cdn.quantummetric.com acter.org.co
1 acter.org.co
34 9

This site contains links to these domains.

Domain
www.att.com
Subject                 Issuer                                           Validity                  Valid
*.att.com               DigiCert SHA2 Secure Server CA                   2021-01-05 - 2022-01-09   a year
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3                          2020-08-17 - 2021-08-17   a year
*.doubleclick.net       GTS CA 1O1                                       2021-01-26 - 2021-04-20   3 months
*.quantummetric.com     Sectigo RSA Domain Validation Secure Server CA   2021-01-18 - 2022-02-13   a year
managed.att.com         DigiCert SHA2 Secure Server CA                   2020-04-21 - 2021-04-22   a year

This page contains 2 frames:

Primary Page: http://acter.org.co/At&t/att.php
Frame ID: 7938832C934A46F5287E672191696BBB
Requests: 28 HTTP requests in this frame

Frame: https://att-app.quantummetric.com/?T=B&u=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php&t=1613176447558&v=1613176447588&z=1&S=0&N=0&P=0
Frame ID: F39936B3D03EA8298BE5DF23DAF82054
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 34
HTTPS: 94 %
IPv6: 25 %
Domains: 4
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 796 kB
Size: 2207 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request att.php
acter.org.co/At&t/
200 KB
200 KB
Document
General
Full URL
http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Server
199.250.218.2 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
Software
Apache /
Resource Hash
945f5fd8fcf61e55f842f77ee2a5d5239f154d1c66c51af77989b64b4c679ebc

Request headers

Host
acter.org.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sat, 13 Feb 2021 00:34:05 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=3, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
detm-container-hdr.js
www.att.com/scripts/adobe/prod/
97 KB
28 KB
Script
General
Full URL
https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:184::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
240ec5a044be6d1899cc61402c8f5aa3e36933c895fd141870de29f34ee0c056
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 01:11:04 GMT
server
AkamaiNetStorage
etag
"e7034c5e2a463bddac2a22e9dc4e9eb9:1613092264.689393"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
27862
quantum-att.js
cdn.quantummetric.com/qscripts/
425 KB
85 KB
Script
General
Full URL
https://cdn.quantummetric.com/qscripts/quantum-att.js
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
077081897423b9f7302aa007f0b807430502117e4b4690348208339f4f3d831b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
124
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
083a68331500001f393c234000000001
server
cloudflare
etag
W/"161317289829216118534512991613120404711"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray
620a7631bddc1f39-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
ssaf-uc.js
www.att.com/scripts/ssaf_universal_client/prod/
103 KB
20 KB
Script
General
Full URL
https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:184::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
f6c43d1cbc979c0f2ef5a997a049954ff63c6e997d9bfcbb61babd4c5ad17520
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
br
last-modified
Thu, 11 Feb 2021 23:42:46 GMT
server
Akamai Resource Optimizer
etag
"19dde-5bb1576006d00-gzip"
strict-transport-security
max-age=15768000 ; preload
content-type
application/javascript
uxtime
YCXA9Swf8Meg-IPlVo2-DAAAAJc D=18937
cache-control
max-age=900
content-length
20431
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
x-check-cacheable
YES
x-akamai-ssl-client-sid
/8WWj85d/OH8ifnIAMW51w==
json
fls.doubleclick.net/
40 B
719 B
Script
General
Full URL
https://fls.doubleclick.net/json?spot=6100125&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1606393771973
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=ISO-8859-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
edmDataManager.js
www.att.com/scripts/adobe/prod/
90 KB
22 KB
Script
General
Full URL
https://www.att.com/scripts/adobe/prod/edmDataManager.js
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:184::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d77b871e65dca5b2cd96c005e842108511b744e88ff180621ba501b8ff7f7b19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 00:11:32 GMT
server
AkamaiNetStorage
etag
"19be0b3dd37a20cde7148b5ef17ddf1b:1605744692.762721"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=163
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
22247
edmDataDefinition.js
www.att.com/scripts/adobe/prod/
109 KB
19 KB
Script
General
Full URL
https://www.att.com/scripts/adobe/prod/edmDataDefinition.js
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:184::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
25204a5b89e87ca8f9dced5e81e2452c6f2fad3af3a3d09d1face28315fca3ac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 01:11:02 GMT
server
AkamaiNetStorage
etag
"2c90254fb71dee3938d6deb3495cb979:1613092262.498005"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=50
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
19281
detm_adobe.js
www.att.com/scripts/adobe/prod/
324 KB
85 KB
Script
General
Full URL
https://www.att.com/scripts/adobe/prod/detm_adobe.js
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:184::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ffd04a1be5ea1ecca5b46ef897cf65b0e44b053a2ec85a0fae632e7aca147a30
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 01:11:03 GMT
server
AkamaiNetStorage
etag
"29765f5f2576f9229c21c7bfa8a66574:1613092263.502179"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=37
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
86894
att_common.js
signin-static-js.att.com/scripts/
17 B
515 B
Script
General
Full URL
https://signin-static-js.att.com/scripts/att_common.js?seed=AACubAR2AQAAAzuT-PUVORJiYElfbBj8nxKMIOS1rwejrafmJa5e_3GD3W4N&X-IOZYaZcd--z=q
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
a91ff3ee197f1ad91d5903d6cc8d61e79596018dacf8f5d55935d70bbd7323f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
public, max-age=3600, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
content-length
17
timeout.js
signin.att.com/static/siam/en/halo_c/timeout_redirect/
1 KB
852 B
Script
General
Full URL
https://signin.att.com/static/siam/en/halo_c/timeout_redirect/timeout.js?v=8.5.1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
83f5ed17f46cd4448a02c705214a95e869ecb411c8ea95e1256593c75e178e56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"430-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
apser
p578
styles.css
signin.att.com/static/siam/en/halo_c/halo-c-login/
155 KB
34 KB
Stylesheet
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
9585a6de2c003816b07ae4fd8b535fdba5928fdb2e40ca1a34214c7031a8fa1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"26be7-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
text/css
apser
p580
logo.svg
signin.att.com/static/siam/en/halo_c/halo-c-login/assets/images/
8 KB
9 KB
Image
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/assets/images/logo.svg
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"20b1-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
image/svg+xml
apser
p579
content-length
8369
runtime.js
signin.att.com/static/siam/en/halo_c/halo-c-login/
1 KB
1 KB
Script
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/runtime.js?v=8.5.1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"5cd-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
apser
p527
polyfills.js
signin.att.com/static/siam/en/halo_c/halo-c-login/
45 KB
17 KB
Script
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/polyfills.js?v=8.5.1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
404242f2c176ef500776c795d03817ee93ec04b15fa756a4a19d8e288a53377f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"b3d2-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
apser
p577
vendor.js
signin.att.com/static/siam/en/halo_c/halo-c-login/
445 KB
150 KB
Script
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/vendor.js?v=8.5.1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
a0c98fd4b30de8c0da998012e49673f84af12a8daf3d170ed2cd3865aeefba63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"6f463-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
apser
p580
main.js
signin.att.com/static/siam/en/halo_c/halo-c-login/
91 KB
25 KB
Script
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/main.js?v=8.5.1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
7fb499762f70ff748a9657f16eaf3fa2e40f29fe1bf9beddbde4673f8ece838e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"16bee-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
apser
p580
detm-container-ftr.js
www.att.com/scripts/adobe/prod/
581 B
688 B
Script
General
Full URL
https://www.att.com/scripts/adobe/prod/detm-container-ftr.js
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:184::2db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bfb9ce8a55af349aac152bf1ef818376642d93fb4c2ccc3f54332cacbce1ad8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 23:04:26 GMT
server
AkamaiNetStorage
etag
"c7508b0191b26fbf61d7f89e013f14c9:1603839866.030563"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=78
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
340
666c258f-86e6-4bc8-80af-56332e214612
http://acter.org.co/
17 KB
0
Other
General
Full URL
blob:http://acter.org.co/666c258f-86e6-4bc8-80af-56332e214612
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17143b89bc1d01bed24799f4f4a41ef408bf571270c066a2e8d12b1e26f410d8

Request headers

Referer
User-Agent
phishfarmer

Response headers

Content-Length
17224
Content-Type
application/javascript
json
fls.doubleclick.net/
40 B
819 B
Script
General
Full URL
https://fls.doubleclick.net/json?spot=6100125&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1613176445816
Requested by
Host: www.att.com
URL: https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=ISO-8859-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ATTAleckSans_W_Rg.woff
signin.att.com/static/siam/en/halo_c/halo-c-login/
22 KB
23 KB
Font
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/ATTAleckSans_W_Rg.woff
Requested by
Host: signin.att.com
URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
07b3a3d0f02092988f8b70fa51992fa109b23bbc82638fc857dee5ee0e3ad5dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Origin
http://acter.org.co
Referer
https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:07 GMT
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"5948-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/x-font-woff
apser
p527
content-length
22856
zenkey-icon.svg
signin.att.com/static/siam/en/halo_c/halo-c-login/
373 B
770 B
Image
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/zenkey-icon.svg
Requested by
Host: signin.att.com
URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
bde0c02c23f58bacdd0622f928446c1512fdc85d9c141ceabffd36aee8aba60c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:07 GMT
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"175-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
image/svg+xml
apser
p577
content-length
373
ATTAleckSans_W_Md.woff
signin.att.com/static/siam/en/halo_c/halo-c-login/
23 KB
24 KB
Font
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/ATTAleckSans_W_Md.woff
Requested by
Host: signin.att.com
URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
d0c4812c9f1b672a7ea3420b10ea389cabb4b50694418965003250c876a2b13b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Origin
http://acter.org.co
Referer
https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:07 GMT
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"5d6c-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/x-font-woff
apser
p580
content-length
23916
ATTAleckSans_W_BdIt.woff
signin.att.com/static/siam/en/halo_c/halo-c-login/
23 KB
23 KB
Font
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/ATTAleckSans_W_BdIt.woff
Requested by
Host: signin.att.com
URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
3664f91baec63678fabaa2afa2411aa50292e47cacb796aaf7c862620698d11e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Origin
http://acter.org.co
Referer
https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:07 GMT
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"5c5c-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/x-font-woff
apser
p577
content-length
23644
ATTAleckSans_W_It.woff
signin.att.com/static/siam/en/halo_c/halo-c-login/
23 KB
23 KB
Font
General
Full URL
https://signin.att.com/static/siam/en/halo_c/halo-c-login/ATTAleckSans_W_It.woff
Requested by
Host: signin.att.com
URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
9fd21e6b9dec5cfa594219e83c197897158642ef7f6f3e614b6872e6e15a6892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Origin
http://acter.org.co
Referer
https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=8.5.1
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:07 GMT
last-modified
Fri, 08 Jan 2021 03:08:21 GMT
etag
"5b58-5b85ade60b340"
x-frame-options
SAMEORIGIN
iam_on
607
p3p
CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/x-font-woff
apser
p578
content-length
23384
truncated
/
343 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e83d280e36ce078cd1d301e8a02367860d245e752f308eed1201c273fccf3e4

Request headers

Referer
User-Agent
phishfarmer

Response headers

Content-Type
image/svg+xml
/
signin.att.com/static/siam/
0
0
Image
General
Full URL
https://signin.att.com/static/siam/
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
clcontent-ff.att.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer

Response headers

/
att-app.quantummetric.com/ Frame F399
90 B
425 B
XHR
General
Full URL
https://att-app.quantummetric.com/?T=B&u=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php&t=1613176447558&v=1613176447588&z=1&S=0&N=0&P=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-att.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.223.197.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.197.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
37b764dee6079758f6e2afe139220a7657cf8ef0f087abe14ea4477b4472da76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
phishfarmer
Content-Type
text/plain

Response headers

date
Sat, 13 Feb 2021 00:34:07 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
http://acter.org.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
/
att-sync.quantummetric.com/ Frame F399
0
165 B
XHR
General
Full URL
https://att-sync.quantummetric.com/?T=B&u=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php&t=1613176447558&v=1613176447591&z=1&Q=1&Y=1&X=279411d07bf04da83a93b954476b1c0f
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-att.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.188.210.33 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.210.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
phishfarmer
Content-Type
text/plain

Response headers

date
Sat, 13 Feb 2021 00:34:07 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
http://acter.org.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
/
att-app.quantummetric.com/ Frame F399
28 B
244 B
XHR
General
Full URL
https://att-app.quantummetric.com/?s=e477aabf2575ccb5247f2b981e6122ec&H=1e9c23e9c06db5ecb14e22e5&Q=3
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-att.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.223.197.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.197.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
phishfarmer

Response headers

date
Sat, 13 Feb 2021 00:34:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
http://acter.org.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
/
att-app.quantummetric.com/ Frame F399
0
164 B
XHR
General
Full URL
https://att-app.quantummetric.com/?T=B&u=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php&t=1613176447558&v=1613176448138&H=1e9c23e9c06db5ecb14e22e5&s=e477aabf2575ccb5247f2b981e6122ec&U=6f30ca322e0fdb6cbcb346b599f9dc93&z=1&Q=2&S=0&N=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-att.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.223.197.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.197.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
phishfarmer
Content-Type
text/plain

Response headers

date
Sat, 13 Feb 2021 00:34:08 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
http://acter.org.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
/
att-app.quantummetric.com/ Frame F399
0
164 B
XHR
General
Full URL
https://att-app.quantummetric.com/?T=B&u=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php&t=1613176447558&v=1613176448277&H=1e9c23e9c06db5ecb14e22e5&s=e477aabf2575ccb5247f2b981e6122ec&z=1&S=843&N=7&P=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-att.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.223.197.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.197.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
phishfarmer
Content-Type
text/plain

Response headers

date
Sat, 13 Feb 2021 00:34:08 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
http://acter.org.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
5058f9a1-d426-4412-9328-8a4d87697dee
managed.att.com/bf/
803 B
995 B
XHR
General
Full URL
https://managed.att.com/bf/5058f9a1-d426-4412-9328-8a4d87697dee?dtCookie=-2%245B5BBE80A49UBFKUB5TJ1GJCN33MM4TJ;dtLatC=101;referer=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php;visitID=DRJFTEPBURVTJFMJLHCLPFQQMNPQIMAI-0;app=52b8119d19be9235;end=1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.194 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
/
Resource Hash
808ff6fb1788a0e79d2ed8f8913343cf056bfcb8170f5ea66a9c5a8594582465

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
http://acter.org.co
Date
Sat, 13 Feb 2021 00:34:09 GMT
Cache-Control
no-cache
Content-Length
803
Content-Type
text/plain;charset=utf-8
/
att-app.quantummetric.com/ Frame F399
0
164 B
XHR
General
Full URL
https://att-app.quantummetric.com/?T=B&u=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php&t=1613176447558&v=1613176452590&H=1e9c23e9c06db5ecb14e22e5&s=e477aabf2575ccb5247f2b981e6122ec&z=1&S=1399&N=15&P=2
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-att.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.223.197.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.197.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
phishfarmer
Content-Type
text/plain

Response headers

date
Sat, 13 Feb 2021 00:34:12 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
http://acter.org.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
/
att-app.quantummetric.com/ Frame F399
0
164 B
XHR
General
Full URL
https://att-app.quantummetric.com/?T=B&u=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php&t=1613176447558&v=1613176452722&H=1e9c23e9c06db5ecb14e22e5&s=e477aabf2575ccb5247f2b981e6122ec&z=1&Q=2&S=670&N=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-att.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.223.197.217 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.197.223.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
phishfarmer
Content-Type
text/plain

Response headers

date
Sat, 13 Feb 2021 00:34:12 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
http://acter.org.co
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
5058f9a1-d426-4412-9328-8a4d87697dee
managed.att.com/bf/
803 B
995 B
XHR
General
Full URL
https://managed.att.com/bf/5058f9a1-d426-4412-9328-8a4d87697dee?dtCookie=null;referer=http%3A%2F%2Facter.org.co%2FAt%26t%2Fatt.php;visitID=DRJFTEPBURVTJFMJLHCLPFQQMNPQIMAI-0;app=52b8119d19be9235;end=1
Requested by
Host: acter.org.co
URL: http://acter.org.co/At&t/att.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.161.77.194 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software
/
Resource Hash
e637a08a61105577e9819cf4d9d30df0c11ac4bb0fecc0280a131d500b9df69a

Request headers

Referer
http://acter.org.co/At&t/att.php
User-Agent
phishfarmer
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
http://acter.org.co
Date
Sat, 13 Feb 2021 00:34:16 GMT
Cache-Control
no-cache
Content-Length
803
Content-Type
text/plain;charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


6 Cookies

Domain/Path Name / Value
.acter.org.co/ Name: rxvt
Value: 1613178247907|1613176445714
.acter.org.co/ Name: dtPC
Value: -2$376445707_287h12vDRJFTEPBURVTJFMJLHCLPFQQMNPQIMAI-0e1
.acter.org.co/ Name: dtSa
Value: -
.acter.org.co/ Name: rxVisitor
Value: 1613176445711S98PTKB1PIP7946059FRH42O0FT8KI20
.acter.org.co/ Name: dtLatC
Value: 101
.acter.org.co/ Name: dtCookie
Value: -2$5B5BBE80A49UBFKUB5TJ1GJCN33MM4TJ

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js(Line 2)
Message:
loadFile: Sucessfully loaded DFA script [object Event]
console-api log URL: https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js(Line 2)
Message:
DFA Success response data [object Event]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
