bellsouth-regdomain.duckdns.org
Open in
urlscan Pro
212.1.211.227
Malicious Activity!
Public Scan
Submission: On May 12 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 7th 2020. Valid for: 3 months.
This is the only time bellsouth-regdomain.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online) AT&T (Telecommunication)Domain & IP information
ASN47583 (AS-HOSTINGER, LT)
PTR: lio.boxsecured.com
bellsouth-regdomain.duckdns.org |
ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
adservice.google.com | |
pagead2.googlesyndication.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-57.deploy.static.akamaitechnologies.com
smetrics.att.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net
bid.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
att.com
1 redirects
www.att.com pre-www.att.com smetrics.att.com |
272 KB |
17 |
att.net
home.secureapp.att.net |
220 KB |
9 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
401 KB |
9 |
doubleclick.net
2 redirects
securepubads.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net stats.g.doubleclick.net |
110 KB |
6 |
google.com
2 redirects
adservice.google.com www.google.com |
1 KB |
4 |
ampproject.org
cdn.ampproject.org |
148 KB |
4 |
google.de
www.google.de |
485 B |
4 |
duckdns.org
bellsouth-regdomain.duckdns.org |
14 KB |
2 |
facebook.com
www.facebook.com |
400 B |
2 |
inq.com
att.inq.com |
8 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
agkn.com
d.agkn.com |
584 B |
1 |
adnxs.com
ib.adnxs.com |
356 B |
1 |
bing.com
bat.bing.com |
283 B |
1 |
facebook.net
connect.facebook.net |
105 KB |
1 |
google.ch
adservice.google.ch |
952 B |
1 |
googleadservices.com
www.googleadservices.com |
11 KB |
1 |
synacor.com
sadlib.static-app.synacor.com |
84 KB |
80 | 18 |
Domain | Requested by | |
---|---|---|
17 | home.secureapp.att.net |
bellsouth-regdomain.duckdns.org
home.secureapp.att.net |
13 | www.att.com |
bellsouth-regdomain.duckdns.org
www.att.com pre-www.att.com |
5 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
bellsouth-regdomain.duckdns.org tpc.googlesyndication.com cdn.ampproject.org |
5 | www.google.com |
2 redirects
bellsouth-regdomain.duckdns.org
|
4 | cdn.ampproject.org |
securepubads.g.doubleclick.net
|
4 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
4 | www.google.de | |
4 | securepubads.g.doubleclick.net |
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net bellsouth-regdomain.duckdns.org |
4 | pre-www.att.com |
www.att.com
|
4 | bellsouth-regdomain.duckdns.org |
bellsouth-regdomain.duckdns.org
att.inq.com |
3 | googleads.g.doubleclick.net |
1 redirects
www.googleadservices.com
|
2 | www.facebook.com | |
2 | smetrics.att.com | 1 redirects |
2 | att.inq.com |
www.att.com
att.inq.com |
2 | www.google-analytics.com |
1 redirects
www.att.com
|
1 | d.agkn.com | |
1 | ib.adnxs.com | |
1 | bat.bing.com | |
1 | stats.g.doubleclick.net | 1 redirects |
1 | connect.facebook.net |
www.att.com
|
1 | bid.g.doubleclick.net |
www.googleadservices.com
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.ch |
securepubads.g.doubleclick.net
|
1 | www.googleadservices.com |
www.att.com
|
1 | sadlib.static-app.synacor.com |
bellsouth-regdomain.duckdns.org
|
80 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.att.net |
www.att.com |
watch.att.com |
envivo.att.yahoo.com |
attreg.att.net |
about.att.com |
www.xandr.com |
survey.foreseeresults.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
bellsouth-regdomain.duckdns.org Let's Encrypt Authority X3 |
2020-05-07 - 2020-08-05 |
3 months | crt.sh |
*.att.com DigiCert SHA2 Secure Server CA |
2020-01-07 - 2021-02-04 |
a year | crt.sh |
home.secureapp.att.net DigiCert SHA2 Secure Server CA |
2018-09-17 - 2020-09-17 |
2 years | crt.sh |
*.static-app.synacor.com DigiCert SHA2 High Assurance Server CA |
2019-08-05 - 2021-08-25 |
2 years | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
*.google.ch GTS CA 1O1 |
2020-04-28 - 2020-07-21 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
*.inq.com GeoTrust RSA CA 2018 |
2019-10-30 - 2021-12-08 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-04-15 - 2020-07-14 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
www.google.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
*.agkn.com RapidSSL RSA CA 2018 |
2018-06-21 - 2020-09-16 |
2 years | crt.sh |
misc-sni.google.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
This page contains 5 frames:
Primary Page:
https://bellsouth-regdomain.duckdns.org/new%20at&t/olam/?callingSystemId=eCare&key=ecare&returnURL=https://www.att.com/
Frame ID: AE811FDBDEBE9BA5198C7FB80396B9D2
Requests: 69 HTTP requests in this frame
Frame:
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 9774DB37FC95229BEA4D8CDD9D00C485
Requests: 1 HTTP requests in this frame
Frame:
https://bellsouth-regdomain.duckdns.org/inqChat.html?IFRAME
Frame ID: FC591379B075449CEDC5D7F2CB5D7A9C
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: ACCDF9D44E33461DBB920F5BE196B2E6
Requests: 9 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 7A99C57A9B128FAB45B4E2C9FE329CF6
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
LiteSpeed (Web Servers) ExpandDetected patterns
- headers server /^LiteSpeed$/i
Google AdSense (Advertising Networks) Expand
Detected patterns
- script /googlesyndication\.com\//i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: att.net
Search URL Search Domain Scan URL
Title: att.com
Search URL Search Domain Scan URL
Title: uverse.com
Search URL Search Domain Scan URL
Title: En Español
Search URL Search Domain Scan URL
Title: AT&T Support
Search URL Search Domain Scan URL
Title: Forgot User ID?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Advertise
Search URL Search Domain Scan URL
Title: Advertising Choices
Search URL Search Domain Scan URL
Title: Acceptable Use Policy
Search URL Search Domain Scan URL
Title: Feedback
Search URL Search Domain Scan URL
Title: © 2020 AT&T Intellectual Property
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 45- https://smetrics.att.com/b/ss/attglobaldev/1/JS-2.11.0/s28374068751105?AQB=1&ndh=1&pf=1&t=12%2F4%2F2020%202%3A29%3A7%202%20-120&ce=UTF-8&ns=att1&fpCookieDomainPeriods=2&pageName=net%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C&g=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&c.&visitorAPI=VisitorAPI%20Present&.c&cc=USD&ch=net&server=bellsouth-regdomain.duckdns.org&c1=bellsouth-regdomain.duckdns&h1=net%2Fbellsouth-regdomain.duckdns%2Fnew%2520at%26t%2Folam%2F&c2=net%7Cbellsouth-regdomain.duckdns&c3=net%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t&l3=%257B%2522events%2522%253A%255B%257B%2522eventAction%2522%253A%2522pageLoad%2522%252C%2522eventCode%2522%253A%2522page%2520loaded%2522%252C%2522id%2522%253A%2522b5604c1e-1933-40a0-82a2-24c30a4a4fa3%2522%252C%2522intersectid%2522%253A%2522b5604c1e-1933-40a0-82a2-24c30a4a4fa3%2522%252C%2522SSAFAdobeBypass%2522%253Atrue%252C%2522_evtAddressBarFullURL%2522%253A%2522https%253A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%252520at%2526t%2Folam%2F%253FcallingSystemId%253DeCare%2526key%253Decare%2526returnURL%253Dhttps%253A%2F%2Fwww.att.com%2F%2522%252C%2522_evtDomain%2522%253A%2522bellsouth-regdomain.duckdns.org%2522%252C%2522_evtTitle%2522%253A%2522AT%2526T%2520-%2520Login%2522%252C%2522_evtPageName%2522%253A%2522net%257Cbellsouth-regdomain.duckdns%257Cnew%252520at%2526t%257Colam%257C%2522%252C%2522_evtChatState%2522%253A%2522offline%2522%252C%2522_evtQuerystring%2522%253A%2522callingSystemId%253DeCare%2526key%253Decare%2526returnURL%253Dhttps%253A%2F%2Fwww.att.com%2F%2522%252C%2522_evtLanguage%2522%253A%2522EN%2522%252C%2522_evtResponsiveWebDesignFlag%2522%253A%25220%2522%252C%2522_evtmaxPageDepthViewed%2522%253A%25221200%257C%257C%2522%252C%2522_evtPageGroup%2522%253A%2522UNDEFINED%2522%252C%2522_evtPageOwnership%2522%253A%2522Consumer%2522%252C%2522_evtSdgFlag%2522%253A%25220%2522%252C%2522_evtTechLanguage%2522%253A%2522en-US%2522%252C%2522_evtTechUserAgent%2522%253A%2522Mozilla%2F5.0%2520%2528Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5%2529%2520AppleWebKit%2F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%2F74.0.3729.169%2520Safari%2F537.36%2522%252C%2522_evtPageURL%2522%253A%2522%2Fnew%252520at%2526t%2Folam%2F%2522%252C%2522_processedByWT%2522%253A1%252C%2522_processedByAdobe%2522%253A0%252C%2522_processedDueToTime%2522%253A0%252C%2522pageLoadNotificationIsDelayed%2522%253Afalse%252C%2522sourceSystem%2522%253A%2522DETM%2522%252C%2522_evtInstructions%2522%253A%257B%2522sendHitNow%2522%253Atrue%252C%2522isPageView%2522%253Atrue%252C%2522processor%2522%253A%2522PV%2522%257D%252C%2522_clearDataLayer%2522%253A0%252C%2522_sendHitNow%2522%253A1%252C%2522_evtTimestampJS%2522%253A1589243347764%252C%2522_evtPageTimestampJS%2522%253A1589243347764%252C%2522_evtDMInitTimestampJS%2522%253A1589243345673%252C%2522bindcounterpartexpunged%2522%253Afalse%252C%2522_evtIsBound%2522%253A0%252C%2522_evt_DTM_InEventHandler%2522%253A1%252C%2522_wtConditionProcessed%2522%253A0%252C%2522_evtOrder%2522%253A1%257D%255D%252C%2522edm%2522%253A%257B%257D%252C%2522page%2522%253A%257B%2522media%2522%253A%257B%2522objective%2522%253A%2522Other%2522%252C%2522type%2522%253A%2522Other%2522%257D%252C%2522pageInfo%2522%253A%257B%2522chatState%2522%253A%2522offline%2522%252C%2522maxPageDepthViewed%2522%253A%25221200%257C%257C%2522%257D%257D%252C%2522extended%2522%253A%257B%2522scvi%2522%253A%257B%2522Data_Source%2522%253A%2522%2522%252C%2522SC_Version%2522%253A%25221156%2522%252C%2522EDM_Version%2522%253A%25221107%2520prod%2522%252C%2522EDD_Version%2522%253A%25221110%2520prod%2522%252C%2522Direct_Call_Rule%2522%253A%2522PV%2522%252C%2522Reporting_Suite%2522%253A%2522attglobaldev%2522%252C%2522App_Measurement_Version%2522%253A%25222.11.0%2522%257D%257D%257D&c5=EN&c6=1156%7C2.11.0%7C3.4.0%7CDMapi%3D1107%20prod%7CDMcfg%3D1110%20prod&v7=D%3DUser-Agent&v8=8%3A29%20PM%7CMonday&v10=D%3Dchannel&c12=D%3DUser-Agent&v13=%2Fnew%2520at%26t%2Folam%2F&v14=callingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&v18=net%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C&c21=D%3Dmid&c24=AT%26T%20-%20Login&c25=8%3A29%20PM%7CMonday&c26=Nonresponsive%7CUNKNOWN&c27=not%20set&c29=%2Fnew%2520at%26t%2Folam%2F&c30=D%3Daid&v34=Nonresponsive%7CUNKNOWN&c35=True%7CdigitalData&v35=EN&c37=Default&c41=callingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&c53=D%3Dpe&c58=pageLoad&v61=%7COther%7C%7COther%7C%7C%7C%7C%7C%7C&c67=DETM&c68=b5604c1e-1933-40a0-82a2-24c30a4a4fa3&v69=Qualified&c73=offline&v73=offline&v75=DM%7CSCode%3D1156%7CDM%3D1107%20prod%7CDD%3D1110%20prod%7CDTM%3Dundefined%7CDMRule%3DPV%7CVisitorID%3D3.4.0%7CAppMeasurement%3D2.11.0%7Cattglobaldev&v81=%7C&v85=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&v95=Consumer%7C%7C%7C&v100=1200%7C%7C&v161=bellsouth-regdomain.duckdns.org&v162=Consumer&v167=Unauthenticated&v188=%2Fnew%2520at%26t%2Folam%2F&v191=CC%3DNo%7CFN%3DNo%7CDAR%3DNo%7C%7C&v206=Default&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1 HTTP 302
- https://smetrics.att.com/b/ss/attglobaldev/1/JS-2.11.0/s28374068751105?AQB=1&pccr=true&vidn=2F5CF6E98515A3CD-60000A0EB303A75F&ndh=1&pf=1&t=12%2F4%2F2020%202%3A29%3A7%202%20-120&ce=UTF-8&ns=att1&fpCookieDomainPeriods=2&pageName=net%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C&g=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&c.&visitorAPI=VisitorAPI%20Present&.c&cc=USD&ch=net&server=bellsouth-regdomain.duckdns.org&c1=bellsouth-regdomain.duckdns&h1=net%2Fbellsouth-regdomain.duckdns%2Fnew%2520at%26t%2Folam%2F&c2=net%7Cbellsouth-regdomain.duckdns&c3=net%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t&l3=%257B%2522events%2522%253A%255B%257B%2522eventAction%2522%253A%2522pageLoad%2522%252C%2522eventCode%2522%253A%2522page%2520loaded%2522%252C%2522id%2522%253A%2522b5604c1e-1933-40a0-82a2-24c30a4a4fa3%2522%252C%2522intersectid%2522%253A%2522b5604c1e-1933-40a0-82a2-24c30a4a4fa3%2522%252C%2522SSAFAdobeBypass%2522%253Atrue%252C%2522_evtAddressBarFullURL%2522%253A%2522https%253A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%252520at%2526t%2Folam%2F%253FcallingSystemId%253DeCare%2526key%253Decare%2526returnURL%253Dhttps%253A%2F%2Fwww.att.com%2F%2522%252C%2522_evtDomain%2522%253A%2522bellsouth-regdomain.duckdns.org%2522%252C%2522_evtTitle%2522%253A%2522AT%2526T%2520-%2520Login%2522%252C%2522_evtPageName%2522%253A%2522net%257Cbellsouth-regdomain.duckdns%257Cnew%252520at%2526t%257Colam%257C%2522%252C%2522_evtChatState%2522%253A%2522offline%2522%252C%2522_evtQuerystring%2522%253A%2522callingSystemId%253DeCare%2526key%253Decare%2526returnURL%253Dhttps%253A%2F%2Fwww.att.com%2F%2522%252C%2522_evtLanguage%2522%253A%2522EN%2522%252C%2522_evtResponsiveWebDesignFlag%2522%253A%25220%2522%252C%2522_evtmaxPageDepthViewed%2522%253A%25221200%257C%257C%2522%252C%2522_evtPageGroup%2522%253A%2522UNDEFINED%2522%252C%2522_evtPageOwnership%2522%253A%2522Consumer%2522%252C%2522_evtSdgFlag%2522%253A%25220%2522%252C%2522_evtTechLanguage%2522%253A%2522en-US%2522%252C%2522_evtTechUserAgent%2522%253A%2522Mozilla%2F5.0%2520%2528Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5%2529%2520AppleWebKit%2F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%2F74.0.3729.169%2520Safari%2F537.36%2522%252C%2522_evtPageURL%2522%253A%2522%2Fnew%252520at%2526t%2Folam%2F%2522%252C%2522_processedByWT%2522%253A1%252C%2522_processedByAdobe%2522%253A0%252C%2522_processedDueToTime%2522%253A0%252C%2522pageLoadNotificationIsDelayed%2522%253Afalse%252C%2522sourceSystem%2522%253A%2522DETM%2522%252C%2522_evtInstructions%2522%253A%257B%2522sendHitNow%2522%253Atrue%252C%2522isPageView%2522%253Atrue%252C%2522processor%2522%253A%2522PV%2522%257D%252C%2522_clearDataLayer%2522%253A0%252C%2522_sendHitNow%2522%253A1%252C%2522_evtTimestampJS%2522%253A1589243347764%252C%2522_evtPageTimestampJS%2522%253A1589243347764%252C%2522_evtDMInitTimestampJS%2522%253A1589243345673%252C%2522bindcounterpartexpunged%2522%253Afalse%252C%2522_evtIsBound%2522%253A0%252C%2522_evt_DTM_InEventHandler%2522%253A1%252C%2522_wtConditionProcessed%2522%253A0%252C%2522_evtOrder%2522%253A1%257D%255D%252C%2522edm%2522%253A%257B%257D%252C%2522page%2522%253A%257B%2522media%2522%253A%257B%2522objective%2522%253A%2522Other%2522%252C%2522type%2522%253A%2522Other%2522%257D%252C%2522pageInfo%2522%253A%257B%2522chatState%2522%253A%2522offline%2522%252C%2522maxPageDepthViewed%2522%253A%25221200%257C%257C%2522%257D%257D%252C%2522extended%2522%253A%257B%2522scvi%2522%253A%257B%2522Data_Source%2522%253A%2522%2522%252C%2522SC_Version%2522%253A%25221156%2522%252C%2522EDM_Version%2522%253A%25221107%2520prod%2522%252C%2522EDD_Version%2522%253A%25221110%2520prod%2522%252C%2522Direct_Call_Rule%2522%253A%2522PV%2522%252C%2522Reporting_Suite%2522%253A%2522attglobaldev%2522%252C%2522App_Measurement_Version%2522%253A%25222.11.0%2522%257D%257D%257D&c5=EN&c6=1156%7C2.11.0%7C3.4.0%7CDMapi%3D1107%20prod%7CDMcfg%3D1110%20prod&v7=D%3DUser-Agent&v8=8%3A29%20PM%7CMonday&v10=D%3Dchannel&c12=D%3DUser-Agent&v13=%2Fnew%2520at%26t%2Folam%2F&v14=callingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&v18=net%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C&c21=D%3Dmid&c24=AT%26T%20-%20Login&c25=8%3A29%20PM%7CMonday&c26=Nonresponsive%7CUNKNOWN&c27=not%20set&c29=%2Fnew%2520at%26t%2Folam%2F&c30=D%3Daid&v34=Nonresponsive%7CUNKNOWN&c35=True%7CdigitalData&v35=EN&c37=Default&c41=callingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&c53=D%3Dpe&c58=pageLoad&v61=%7COther%7C%7COther%7C%7C%7C%7C%7C%7C&c67=DETM&c68=b5604c1e-1933-40a0-82a2-24c30a4a4fa3&v69=Qualified&c73=offline&v73=offline&v75=DM%7CSCode%3D1156%7CDM%3D1107%20prod%7CDD%3D1110%20prod%7CDTM%3Dundefined%7CDMRule%3DPV%7CVisitorID%3D3.4.0%7CAppMeasurement%3D2.11.0%7Cattglobaldev&v81=%7C&v85=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&v95=Consumer%7C%7C%7C&v100=1200%7C%7C&v161=bellsouth-regdomain.duckdns.org&v162=Consumer&v167=Unauthenticated&v188=%2Fnew%2520at%26t%2Folam%2F&v191=CC%3DNo%7CFN%3DNo%7CDAR%3DNo%7C%7C&v206=Default&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999036414/?random=1589243347820&cv=9&fst=1589243347820&num=1&fmt=3&bg=ffffff&hl=EN&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2od4t0&sendb=1&ig=1&data=event%3Dpage_view%3BlineOfBusiness-hit%3DDefault%3BlineOfBusiness-session%3DDefault%3BloggedIn%3D(not%20set)%3BcustomerType%3DUNKNOWN%3BpageType-hit%3DDefault%3BpageType-session%3DDefault%3BflowCode%3DDefault%3Bliabilitytype%3DDefault%3Bcustomerproducts%3DDefault%3Bpagename%3Dnet%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C%3Bid%3D&frm=0&url=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&tiba=AT%26T%20-%20Login&hn=www.googleadservices.com&async=1 HTTP 302
- https://www.google.com/pagead/1p-user-list/999036414/?random=1589243347820&cv=9&fst=1589241600000&num=1&fmt=3&bg=ffffff&hl=EN&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2od4t0&sendb=1&data=event%3Dpage_view%3BlineOfBusiness-hit%3DDefault%3BlineOfBusiness-session%3DDefault%3BloggedIn%3D(not%20set)%3BcustomerType%3DUNKNOWN%3BpageType-hit%3DDefault%3BpageType-session%3DDefault%3BflowCode%3DDefault%3Bliabilitytype%3DDefault%3Bcustomerproducts%3DDefault%3Bpagename%3Dnet%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C%3Bid%3D&frm=0&url=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&tiba=AT%26T%20-%20Login&async=1&is_vtc=1&random=1851493000&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-user-list/999036414/?random=1589243347820&cv=9&fst=1589241600000&num=1&fmt=3&bg=ffffff&hl=EN&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0>m=2od4t0&sendb=1&data=event%3Dpage_view%3BlineOfBusiness-hit%3DDefault%3BlineOfBusiness-session%3DDefault%3BloggedIn%3D(not%20set)%3BcustomerType%3DUNKNOWN%3BpageType-hit%3DDefault%3BpageType-session%3DDefault%3BflowCode%3DDefault%3Bliabilitytype%3DDefault%3Bcustomerproducts%3DDefault%3Bpagename%3Dnet%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C%3Bid%3D&frm=0&url=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&tiba=AT%26T%20-%20Login&async=1&is_vtc=1&random=1851493000&resp=GooglemKTybQhCsO&ipr=y
- https://www.google-analytics.com/r/collect?v=1&_v=j82&a=805369421&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fbellsouth-regdomain.duckdns.org%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&dp=%2Fnew%2520at%26t%2Folam%2F%3FcallingSystemId%3DeCare%26key%3Decare%26returnURL%3Dhttps%3A%2F%2Fwww.att.com%2F&ul=EN&de=UTF-8&dt=AT%26T%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=qGBACUABB~&jid=166976527&gjid=879937149&cid=1317332166.1589243346&tid=UA-156897858-1&_gid=1492560263.1589243346&_r=1&cd1=Default&cd3=Default&cd4=(not%20set)&cd11=UNKNOWN&cd12=Default&cd13=Default&cd21=Default&cd22=EN&cd23=Default&cd24=Default&cd49=net%7Cbellsouth-regdomain.duckdns%7Cnew%2520at%26t%7Colam%7C>m=2od4t0&cd7=1317332166.1589243346&z=1024412574 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-156897858-1&cid=1317332166.1589243346&jid=166976527&_gid=1492560263.1589243346&gjid=879937149&_v=j82&z=1024412574 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156897858-1&cid=1317332166.1589243346&jid=166976527&_v=j82&z=1024412574 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156897858-1&cid=1317332166.1589243346&jid=166976527&_v=j82&z=1024412574&slf_rd=1&random=523161778
80 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bellsouth-regdomain.duckdns.org/new%20at&t/olam/ |
9 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
att.js
bellsouth-regdomain.duckdns.org/new%20at&t/olam/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detm-container-hdr.js
www.att.com/scripts/adobe/prod/ |
92 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_fontface.css
home.secureapp.att.net/css/sso/slid/1201/ |
0 960 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
home.secureapp.att.net/css/sso/slid/1201/ |
28 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.5.1.min.js
home.secureapp.att.net/js/jquery/ |
83 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.simplemodal.js
home.secureapp.att.net/js/jquery/simplemodal/ |
9 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
home.secureapp.att.net/js/sso/slid/1201/ |
53 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
att.js
sadlib.static-app.synacor.com/client/att/ |
273 KB 84 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Button.png
home.secureapp.att.net/design/CDLS10/img/logos/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AT&T_logo.png
home.secureapp.att.net/design/CDLS10/img/logos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detm-container-ftr.js
www.att.com/scripts/adobe/prod/ |
485 B 552 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mbox-contents.js
www.att.com/scripts/adobe/prod/ |
109 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ssaf-uc.js
www.att.com/scripts/ssaf_universal_client/prod/ |
138 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
edmDataManager.js
www.att.com/scripts/adobe/prod/ |
91 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
edmDataDefinition.js
www.att.com/scripts/adobe/prod/ |
108 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
detm_adobe.js
www.att.com/scripts/adobe/prod/ |
315 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marketing.min.js
www.att.com/scripts/adobe/prod/ |
341 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
engage.min.js
www.att.com/scripts/adobe/prod/ |
62 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
28 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eComm_Universal_AppNexus.js
pre-www.att.com/scripts/adobe/pre-www/mktg-rules/global/ |
367 B 542 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eComm_Universal_Bing.js
pre-www.att.com/scripts/adobe/pre-www/mktg-rules/global/ |
624 B 660 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eComm_Universal_Facebook.js
pre-www.att.com/scripts/adobe/pre-www/mktg-rules/global/ |
625 B 670 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.css
home.secureapp.att.net/css/sso/slid/1201/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webtrends.min.js
bellsouth-regdomain.duckdns.org/commonLogin/igate_edam/staticContent/images/SLID/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ |
169 B 1002 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btnSumbit.png
home.secureapp.att.net/img/sso/slid/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ |
560 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appnexus.js
www.att.com/scripts/adobe/prod/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ |
149 B 981 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
support-icon.jpg
home.secureapp.att.net/img/sso/slid/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
txt-clear.png
home.secureapp.att.net/img/sso/slid/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ques.png
home.secureapp.att.net/img/sso/slid/ |
363 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bing.js
www.att.com/scripts/adobe/prod/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.js
www.att.com/scripts/adobe/prod/ |
118 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
43 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.ch/adsid/ |
109 B 952 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020050602.js
securepubads.g.doubleclick.net/gpt/ |
243 KB 87 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
context.dll
home.secureapp.att.net/attportal/s/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
controllerdata
www.att.com/ssaf/ssafc/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attmonetization.config.js
www.att.com/scripts/adobe/prod/attmonetization/js/ |
23 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eComm_bConsumerVisitor_DIR.js
pre-www.att.com/scripts/adobe/pre-www/mktg-rules/global/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inqChatLaunch10004119.js
att.inq.com/chatskins/launch/ |
30 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s28374068751105
smetrics.att.com/b/ss/attglobaldev/1/JS-2.11.0/ Redirect Chain
|
43 B 505 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1049001539/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036745755/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
bid.g.doubleclick.net/xbbe/ Frame 9774 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
128900881029137
connect.facebook.net/signals/config/ |
414 KB 105 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/999036414/ Redirect Chain
|
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 283 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixie
ib.adnxs.com/ |
42 B 356 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1049001539/ |
42 B 151 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1049001539/ |
42 B 156 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1036745755/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1036745755/ |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 250 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resolvePage
att.inq.com/tagserver/launch/ |
167 B 514 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inqChat.html
bellsouth-regdomain.duckdns.org/ Frame FC59 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ |
180 KB 66 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
16 KB 5 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
d.agkn.com/pixel/8597/ |
43 B 584 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame ACCD |
204 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame ACCD |
204 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame ACCD |
98 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame ACCD |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012005012256000/ |
21 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8955425650647376986
tpc.googlesyndication.com/simgad/ Frame ACCD |
162 KB 162 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
securepubads.g.doubleclick.net/pcs/ Frame ACCD |
0 57 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame ACCD |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 7A99 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8955425650647376986
tpc.googlesyndication.com/simgad/ Frame ACCD |
162 KB 162 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 58 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 150 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame ACCD |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.att.com
- URL
- https://www.att.com/ssaf/ssafc/v1/controllerdata
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online) AT&T (Telecommunication)283 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| Aes object| Base64 object| Utf8 string| hea2p string| hea2t string| output string| ctrTxt string| mid string| adobe_mc string| href undefined| analytics_app_visitor_id undefined| ts undefined| newurl object| detm_last_link_info function| e boolean| disableAudienceManager object| visitor function| isIE object| DataMappingInterface string| detm_tag_notification_key string| legacyModeKey string| detmTagsKey object| scripts object| script string| src function| satelliteDetector function| scriptExecutor string| filesadded boolean| monecontwatched function| loadAdsFile function| injectHtmlTag function| executeMonetizationTagInjection function| injectMonetization function| iterateANConfigObj function| findAccurateConfig object| detmScriptLoaderConfig function| detmScriptLoader object| detmLoader boolean| AllowDelayedLoad function| Visitor object| s_c_il number| s_c_in boolean| detmDisabled object| detmScriptExecutor function| detmDomainMapper object| detmTagControls string| path object| _satellite object| head_ab boolean| pageLoadFired function| targetView function| targetPageParams object| targetGlobalSettings function| ab$ function| ABJSFrameworkLibrary object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate string| AB_LOCATION_CHANGE object| ddo function| AnalyticsNotificationFramework boolean| DMviaDM function| edmDataManager function| docReady function| master_ddo function| master_dmf function| emptyObject function| $setCacheVar number| $initTimestamp object| bits string| loadOn string| reqKey number| customerMaxDepth boolean| listnerFlag number| ddoCheckEventInterval object| legacy_ddo string| addressBarFullURL string| viewOnlineBill object| legacy_DataMappingInterface function| setMapUrls function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap string| j function| E function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq object| s_att string| gaMeasurementID object| domainName object| linker number| ga_checkOutStep number| ga_pageLoadCount function| loadMarketingFile function| getCookie function| getQueryVariable function| setCookie function| gtag object| google_tag_manager object| dataLayer object| google_tag_data string| GoogleAnalyticsObject function| ga string| evtAction string| evtCode string| successFlag string| statusMessage string| errorType string| linkName string| linkPosition string| linkDestinationUrl string| chatInviteType string| chatSessionId string| chatBusinessUnit string| chatAgentGroup string| pageName object| chatLaunchedListener object| chatEngagedListener object| c2cStateChanged object| InqRegistry object| antiClickjack undefined| noFrameBusting function| $ function| jQuery string| agent string| ORIGINATION_POINT_URL string| RETURN_URL string| CANCEL_URL function| getWindowWidth function| getWindowHeight function| GetURLParameter function| setRegURL function| logPgvw function| refer function| submitForm function| trimAll function| chkTick function| unchkTick function| getElementsByClassName function| btnChange function| acctSelBtnEnable function| ie6Img function| getYadContents function| init undefined| countdownElement function| overlay function| cancelLoad function| Redirecturl string| focusableElementsString function| trapTabKey function| supportRedirect function| webtrendsAsyncInit function| pixie object| gaplugins object| gaGlobal object| gaData function| detmExecuteFooter undefined| q1Zidx string| q2Zidx object| uetq string| attSid function| fbq function| _fbq function| UET function| GooglemKTybQhCsO function| google_trackConversion object| Sadlib_Config object| TN8 object| SW_Config object| rubicontag object| googletag object| Sadlib object| SynDetectPii object| sadlib object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| aTmp undefined| accountInFocusType boolean| sameAcctFlag string| metaPN object| aPattern object| val object| detmEventHandler string| tempPageOwnership string| altSegmentType string| liabilityType string| enterpriseType string| companyName string| agreementNumber string| tempABFURL string| tempVS string| temp81 string| tempReferrer string| employeeId string| employeeSegment string| bargainInd object| tempEvent number| aplevt object| internal string| tempPmtArrange string| temp29 string| url string| viewedUIExperience string| wdf object| tempc49 string| result undefined| tempSkuQty undefined| tempSkuPrice undefined| tempSku string| tempPageUrl string| temp88 string| temp_LOB string| temp_devMake string| temp_devModel string| temp_devOS string| temp_devType string| temp_devPIFunc string| temp_devPIFG string| temp61 string| adbPNCheck object| adbTempPLImpObj object| s_i_attglobaldev undefined| comScore object| GooglebQhCsO object| appMonetizationFtrUnitsConfig undefined| cookies undefined| cookie undefined| eqPos undefined| cookieName undefined| host undefined| s undefined| params undefined| query undefined| qs function| getParentV3LanderConfig function| getOpenerV3LanderConfig function| getV3LanderConfigProperty object| v3LanderConfig object| v3Lander function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_show_companion_ad function| google_show_companion_ad_in_slot function| google_get_companion_slot_params function| google_companion_error function| google_companion_loaded function| google_increment_num_ad_mouseovers string| google_ad_output string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country number| __google_ad_urls_id number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bellsouth-regdomain.duckdns.org/ | Name: pses Value: {"id":"cj2x20jqrp6","start":1589243346516,"last":1589243346517} |
|
bellsouth-regdomain.duckdns.org/ | Name: IV_JCT Value: %2FcommonLogin |
|
.bellsouth-regdomain.duckdns.org/ | Name: _gid Value: GA1.3.1492560263.1589243346 |
|
.bellsouth-regdomain.duckdns.org/ | Name: _ga Value: GA1.3.1317332166.1589243346 |
|
.bellsouth-regdomain.duckdns.org/ | Name: _gcl_au Value: 1.1.2091937703.1589243346 |
33 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.ch
adservice.google.com
att.inq.com
bat.bing.com
bellsouth-regdomain.duckdns.org
bid.g.doubleclick.net
cdn.ampproject.org
connect.facebook.net
d.agkn.com
googleads.g.doubleclick.net
home.secureapp.att.net
ib.adnxs.com
pagead2.googlesyndication.com
pre-www.att.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
smetrics.att.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.att.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.att.com
104.111.216.57
144.160.36.70
172.217.16.162
172.217.18.98
185.33.220.145
206.17.25.188
212.1.211.227
2600:9000:2016:e200:19:fc2c:a140:93a1
2620:1ec:c11::200
2a00:1450:4001:808::2004
2a00:1450:4001:815::2001
2a00:1450:4001:816::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2002
2a00:1450:4001:824::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c04::9a
2a02:26f0:6a:582::2db1
2a02:26f0:6c00:192::2db1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
69.168.104.86
74.125.133.155
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c592a51351836456628c2cb9a7dd86d41257d821f8926b137c8f5c63aaf0ca3
1d21ac452c51e830f10717e89b5dc07ea4b216ca292d5c08cd891f106c82b16a
20f2b7c4f6f460542ac14424e621a9aa42dbdd98447feb325b3e81e322598860
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
253ba2898669fa238d51640d65eed78186d522d8e2325d6fb3e75529979df7b1
2618037936808d2e605fc238511168fbb62f0b94daad18a556f25a711d496ad6
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
2ec6b828f84ae13a1b4a59ab8ea34eb04cdd0f5a0689a9039e59f755e91c454c
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
46ea6b38645fd619b32070248fa33c56711af1d2ec28ba3bac95234305516c6f
4b03bd51dfcc67317d385fb31588360ba04963f343cd45320c5787f241e7b8f8
560c27eb8737dad9980b0534470fc68b7ea87c5ef6139e65cd36cb1698ec29e2
595d5a1142e4fb8e86a6fdce3dc11b6d108b7441081a99c7189a6bb72a699097
5a61e3be6ed1f8b23b43ac97c6feb1f70358bf13ec89e6242f2615865c05835b
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
601f450bfc37544f6ebbdcbecf66d18121b3a6c99ff9ab31994769f1b08f6e86
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
64697dd950d251e2e82ca5a125f9de74aedb2588b8d8d5e2c81ad6f3f0e0c83c
699696c04792ff4f7a3376b543d8dac715a9a7c79df987cc109c3aadd0a5e58f
6bddb070fcdad142cc35efa64f3ba2401865e8a5f52ede675f23f7251da166ae
6e6637b17028547b196959ec2665cfce8b313bf36bb24a2c1dbb731fc5f3b49e
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8
870b439647b2411a1eaf5c8345610ab3b1fbe724b8a8bba683541dfc2cddc0bb
87b97fc1f196c9c8c17a5aae1189ebef7feddf056858aa7b876405154881b6b3
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
8f2bd0a17eb55b38e352473212fa4e8b189b30eadff241548f19c071807bb9c5
916cb73c04adcb14e4a68cf6629fcbe117b4373da371f06df064dc8e04ae8052
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
988641b4f321545ad3442931ec546f6f66e9e043f77e05772e623c3ec3b4666f
9f26c2e906a6c2fae8e4f0dad17e97d2a499926a49e57c723db2c0a40df375c4
a09a45d621b5fa4d93adf280db5b51b3449cb12e1e1de5f0b38a6d7d0fbfad9d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a5182fbd8bbbbc358b704a5a070ffad58bd079b7800803935d9e3b2b8b9c5d87
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
aba6cac62a8afefb6941267c9925445094f66f80f2ecb5eb547112c434dc7f80
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
cc8914c6285956a2af752d4c742b2e8dc46907f331624555ceaaf4f829ee34a9
cdda804f5bc3e5e92c8b19e500d72b4b833de11250129e301641e4b0b6017b5e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11e529716dcfafaa7b0f61aa2ba8d0058e5fcc5ef05ffaf26fb45cf6569505d
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
d4c3c551975feb2886098a9c60d8b516541baaf7f464a7942c6f452b39e12293
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecdb30efb8b7b54e2fe8fddc0719e57c766bca740a3717e8b36f6f67777d2bbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0517f76184f899b738515a124efe8f335f585847387b8889dfa7c0fb132f75a
f3c4c5df425cfbdf20f92e94880d8715bce2a4473b0d04b27687483636febcf1
f812581fdc45af5c663831b50c0c20465677b0c77f43b68ecac22d459a98a299
f982bc8006d6e242f3ac3a3bce4f11ff5c24839cec43f546b5066b926ab27f9d
fb6fdfa494d6b35ce3fb21b1c2eba4a1899f209e0dd2e1c015523ddff3455e99
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f