e-firme.ro Open in urlscan Pro
89.38.129.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://e-firme.ro/sbcglobal/login.htm
Submission: On May 18 via automatic, source phishtank (May 18th 2017, 7:51:03 pm UTC)

Summary HTTP 52 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 52 HTTP transactions. The main IP is 89.38.129.80, located in Bucharest, Romania and belongs to ETP-AS, RO. The main domain is e-firme.ro.

This is the only time e-firme.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
3	89.38.129.80 89.38.129.80	31244 (ETP-AS) (ETP-AS)
14	2001:1890:1c0... 2001:1890:1c01:2::42	7018 (ATT-INTER...) (ATT-INTERNET4 - AT&T Services)
1	69.168.96.158 69.168.96.158	36271 (SYNACOR-C...) (SYNACOR-CLUSTER - Synacor)
12	2a02:26f0:78:... 2a02:26f0:78:19f::2db1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.194.240.68 54.194.240.68	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	66.235.148.129 66.235.148.129	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE - Google Inc.)
4	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:401... 2a00:1450:401b:801::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a00:1450:401... 2a00:1450:401b:802::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a03:2880:f01... 2a03:2880:f01c:9:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	206.17.25.188 206.17.25.188	17231 (ATT-CERFN...) (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services)
52	15

3 89.38.129.80 (Bucharest, Romania)

ASN31244 (ETP-AS, RO)
PTR: server.vado.ro

e-firme.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2001:1890:1c01:2::42 (United States)

ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US)

home.secureapp.att.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.168.96.158 (Buffalo, United States)

ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US)

sadlib.static-app.synacor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:78:19f::2db1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

www.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.240.68 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-240-68.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.148.129 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d1.sc.omtrdc.net

metrics.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:801::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:802::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:9:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.17.25.188 (United States)

ASN17231 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US)

att.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	att.net home.secureapp.att.net	195 KB
13	att.com www.att.com metrics.att.com	225 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	193 KB
4	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	69 KB
3	demdex.net dpm.demdex.net fast.att.demdex.net Failed	777 B
3	e-firme.ro e-firme.ro	248 KB
2	inq.com att.inq.com	9 KB
1	atdmt.com ad.atdmt.com	42 B
1	google.de www.google.de	42 B
1	bing.com bat.bing.com
1	google.com www.google.com
1	googletagservices.com www.googletagservices.com	1 KB
1	synacor.com sadlib.static-app.synacor.com	25 KB
52	13

	Domain	Requested by
14	home.secureapp.att.net	e-firme.ro home.secureapp.att.net
12	www.att.com	e-firme.ro
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net e-firme.ro
3	dpm.demdex.net	e-firme.ro
3	e-firme.ro	att.inq.com
2	att.inq.com	www.att.com att.inq.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net e-firme.ro
1	googleads.g.doubleclick.net	e-firme.ro
1	ad.atdmt.com
1	www.google.de
1	bat.bing.com	e-firme.ro
1	www.google.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	sadlib.static-app.synacor.com
1	metrics.att.com	www.att.com
1	sadlib.static-app.synacor.com	e-firme.ro
0	fast.att.demdex.net Failed	www.att.com
52	17

This site contains links to these domains. Also see Links.

Domain
www.att.net
www.att.com
uverseonline.att.net
elportal.att.net
home.secureapp.att.net

Subject Issuer	Validity	Valid
home.secureapp.att.net Symantec Class 3 Secure Server CA - G4	`2016-09-07` - `2017-10-15`	a year	crt.sh
*.att.com Symantec Class 3 Secure Server CA - G4	`2017-01-04` - `2018-03-30`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.inq.com GeoTrust SSL CA - G3	`2016-11-15` - `2019-12-01`	3 years	crt.sh

This page contains 4 frames:

Primary Page: http://e-firme.ro/sbcglobal/login.htm
Frame ID: 29393.1
Requests: 43 HTTP requests in this frame

Frame: http://fast.att.demdex.net/dest5.html?d_nsid=0
Frame ID: 29393.2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170517/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 29393.3
Requests: 8 HTTP requests in this frame

Frame: http://e-firme.ro/inqChat.html?IFRAME
Frame ID: 29393.5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

52
Requests

63 %
HTTPS

50 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

966 kB
Transfer

1940 kB
Size

6
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://www.att.net/
Title: att.net

Search URL Search Domain Scan URL

URL: http://www.att.com/
Title: att.com

Search URL Search Domain Scan URL

URL: http://uverseonline.att.net/
Title: uverse.com

Search URL Search Domain Scan URL

URL: http://elportal.att.net/
Title: En Español

Search URL Search Domain Scan URL

URL: https://www.att.com/esupport/index.jsp?App_ID=PBY
Title: AT&T Support

Search URL Search Domain Scan URL

URL: https://www.att.com/olam/unauth/enterEmailForgotId.myworld?origination_point=att.net&Return_URL=http://www.att.net&Cancel_URL=http://www.att.net
Title: Forgot User ID/Email Address?

Search URL Search Domain Scan URL

URL: https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.Register.Pageviews.www-att-net&redirecturl=https://attreg.att.net/PortalRegWeb/PortalRegController?callingAppId=OP&returnUrl=

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.support&redirecturl=https://www.att.com/esupport/index.jsp?App_ID=PBY
Title: AT&T Support

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.adinfo&redirecturl=http://www.att.net/legal/advertising
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.TOS&redirecturl=http://www.att.com/shop/internet/att-internet-terms-of-service.jsp
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.copyright&redirecturl=http://info.yahoo.com/copyright/details.html
Title: Copyright

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.privacy&redirecturl=http://att.yahoo.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.aboutourads&redirecturl=http://info.yahoo.com/privacy/us/yahoo/attandyahoo/adchoices.html
Title: About Our Ads

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.AUP&redirecturl=http://www.corp.att.com/aup/
Title: Acceptable Use Policy

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.IP&redirecturl=http://www.att.com/gen/privacy-policy?pid=2587
Title: Copyright © 2015 AT&T Intellectual Property

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 5

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js

Request 7

http://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587
http://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587

Request 8

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js?12d3b145
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js?12d3b145

Request 9

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-57a4ae0964746d1d040013eb.js?5606e112
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-57a4ae0964746d1d040013eb.js?5606e112

Request 10

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf7c934653000164e0300.js?6fe8f30c
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf7c934653000164e0300.js?6fe8f30c

Request 13

http://cm.everesttech.net/cm/dd?d_uuid=78639991989078113902385833038439691848
http://dpm.demdex.net/ibs:dpid=411&dpuuid=WR37GwAAAZcPIIzC

Request 14

http://www.att.com/webtrends/scripts/dcs_tag_DTM.js
https://www.att.com/webtrends/scripts/dcs_tag_DTM.js

Request 15

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf8ae6431650019f80200.js?3218cdbc
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf8ae6431650019f80200.js?3218cdbc

Request 16

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js?6082a0c9
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js?6082a0c9

Request 37

https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=9815
https://home.secureapp.att.net/i/s.gif?nocache=9815

Request 38

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?125ce255
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?125ce255

Request 39

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1

Request 40

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?95d25e00
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?95d25e00

Request 41

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5668bfa964746d342a005ca3.js?a4c763dc
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5668bfa964746d342a005ca3.js?a4c763dc

Request 44

http://www.google.com/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&random=2709536440&fpvtc=/1070858700/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1238847623%26cdct%3D2
http://www.google.de/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&random=2709536440&fpvtc=/1070858700/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1238847623%26cdct%3D2&ipr=y&ulfeg=n

Request 45

http://rc.rlcdn.com/399466.gif
http://ad.atdmt.com/m/img;m=11022202176866;cache=?LRID=4cfcd37c79c49d28da0c582e39a025181b1fce4be2f71a18b3a1f5c0ed5fce1e30e6d31060148770

Request 47

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-567046aa64746d0712008241.js?e30d9d9c
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-567046aa64746d0712008241.js?e30d9d9c

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.htm Show response
e-firme.ro/sbcglobal/ 6 KB
6 KB 73ms
37ms Document
text/html 89.38.129.80
ETP-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.1
Server: 89.38.129.80 Bucharest, Romania, ASN31244 (ETP-AS, RO),
Reverse DNS: server.vado.ro
Software: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_qos/11.4 PHP/5.4.31 /
Resource Hash: 2e981e9cb9afede66fc26b3870bb26e4bc0b3e6cb742e48a57267209a17bc7bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: e-firme.ro
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:50:40 GMT
Last-Modified: Thu, 12 Jan 2017 19:11:58 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_qos/11.4 PHP/5.4.31
ETag: "1388372-1950-545ea7dc0bb80"
Content-Type: text/html
Connection: close
Accept-Ranges: bytes
Content-Length: 6480

GET
H/1.0 200
OK main.css
home.secureapp.att.net/css/sso/slid/1201/ 28 KB
28 KB 931ms
222ms Stylesheet
text/css 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: d1c5871391c2b49ed49d8d3de067a073139d9148712cbeaebe228a21f7adf0bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Tue, 21 Mar 2017 02:53:36 GMT
Server: ""
Etag: "6f98-58d095b0"
Content-type: text/css
Connection: keep-alive
Accept-ranges: bytes
Content-length: 28568

GET
H/1.0 200
OK jquery-1.5.1.min.js Show response
home.secureapp.att.net/js/jquery/ 83 KB
83 KB 941ms
227ms Script
application/x-javascript 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Fri, 11 Mar 2011 22:40:27 GMT
Server: ""
Etag: "14d0c-4d7aa4db"
Content-type: application/x-javascript
Connection: keep-alive
Accept-ranges: bytes
Content-length: 85260

GET
H/1.0 200
OK jquery.simplemodal.js Show response
home.secureapp.att.net/js/jquery/simplemodal/ 9 KB
9 KB 980ms
239ms Script
application/x-javascript 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/js/jquery/simplemodal/jquery.simplemodal.js
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Fri, 05 Nov 2010 18:18:06 GMT
Server: ""
Etag: "24fd-4cd44a5e"
Content-type: application/x-javascript
Connection: keep-alive
Accept-ranges: bytes
Content-length: 9469

GET
H/1.0 200
OK script.js Show response
home.secureapp.att.net/js/sso/slid/1201/ 47 KB
47 KB 994ms
247ms Script
application/x-javascript 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/js/sso/slid/1201/script.js
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: f5d3bada8b3783f092d038170aa4359d79be4c1f275d98a7ecf48b87cd096ce3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Tue, 21 Mar 2017 04:37:54 GMT
Server: ""
Etag: "bb1b-58d0ae22"
Content-type: application/x-javascript
Connection: keep-alive
Accept-ranges: bytes
Content-length: 47899

GET
H/1.1 200
OK att.js Show response
sadlib.static-app.synacor.com/client/att/ 66 KB
25 KB 283ms
124ms Script
text/javascript 69.168.96.158
Synacor

General

Check archive.org

Show headers Download Go to

Full URL: http://sadlib.static-app.synacor.com/client/att/att.js
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.1
Server: 69.168.96.158 Buffalo, United States, ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: a63441b39edfd29139d7ca4f8dc06e8d77c0c50b0b2c76f7d735fcdc5b240231

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: sadlib.static-app.synacor.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:50:51 GMT
Content-Encoding: gzip
Age: 295
P3P: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection: keep-alive
Content-Length: 25718
Access-Control-Allow-Origin: *
Last-Modified: Mon, 08 May 2017 15:45:21 GMT
Server: nginx
ETag: "108db-54f05206d0640"
Vary: Accept-Encoding
X-Varnish: 2248289566 2247862845
Via: 1.1 varnish
Cache-Control: max-age=300
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Thu, 18 May 2017 19:50:56 GMT

GET
H2

200

satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js

382 KB
79 KB

35ms
15ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

bb6da1203bee515ba5bd147b40d3eae8f05473d83e495c9e2e9bbfb19fcca72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:50 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2017 18:47:56 GMT
server: Apache
etag: "5f7c2-54fbcb9f76f00"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qkZCgOd8AAXknoUIAAABh D=46492
cache-control: max-age=900
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 80313
expires: Thu, 18 May 2017 20:05:50 GMT

Redirect headers

Date: Thu, 18 May 2017 19:50:50 GMT
Server: AkamaiGHost
Strict-Transport-Security: max-age=7200;
Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js
Set-Cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0; expires=Fri, 19-May-2017 19:50:50 GMT; path=/; domain=.att.com
Cache-Control: max-age=900
Connection: keep-alive
Content-Length: 0
Expires: Thu, 18 May 2017 20:05:50 GMT

GET
H/1.0 200
OK mobile.css
home.secureapp.att.net/css/sso/slid/1201/ 4 KB
4 KB 114ms
113ms Stylesheet
text/css 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/css/sso/slid/1201/mobile.css
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Wed, 21 Dec 2016 10:14:45 GMT
Server: ""
Etag: "fa3-585a5615"
Content-type: text/css
Connection: keep-alive
Accept-ranges: bytes
Content-length: 4003

GET
H/1.1

302
Found

Cookie set rd
dpm.demdex.net/id/
Redirect Chain

http://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587
http://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587

0
0

59ms
31ms

XHR

54.194.240.68
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.1
Server: 54.194.240.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-240-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://e-firme.ro
Accept-Encoding: gzip, deflate, sdch
Host: dpm.demdex.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:51 GMT
Access-Control-Allow-Origin: http://e-firme.ro
X-TID: zatcLSYmTYY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587
Set-Cookie: demdex=78639991989078113902385833038439691848;Path=/;Domain=.demdex.net;Expires=Tue, 14-Nov-2017 19:50:51 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:51 GMT
Access-Control-Allow-Origin: http://e-firme.ro
X-TID: zatcLSYmTYY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587
Set-Cookie: demdex=78639991989078113902385833038439691848;Path=/;Domain=.demdex.net;Expires=Tue, 14-Nov-2017 19:50:51 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H2

200

mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js?12d3b145
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js?12d3b145

192 KB
58 KB

14ms
13ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js?12d3b145

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

16bcbf46129b48c10d3b19bbcd3b9476c081e3978220a25e5d308da42fea8d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js?12d3b145
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:51 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2017 17:30:54 GMT
server: Apache
etag: "300fb-54f2ed595af80"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlQoUAVsAAH6J84QAAAOE D=48965
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 58739
expires: Mon, 17 Jul 2017 19:50:51 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/mbox-contents-3fe7f1ac02f9f751c9c175021a5f0779a4287d23.js?12d3b145
Non-Authoritative-Reason: HSTS

GET
H2

200

satellite-57a4ae0964746d1d040013eb.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-57a4ae0964746d1d040013eb.js?5606e112
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-57a4ae0964746d1d040013eb.js?5606e112

3 KB
704 B

55ms
54ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-57a4ae0964746d1d040013eb.js?5606e112

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

0c27e2f7dd8f30e8d30404ab20b4cc4d6c6980553b7e632de98b9c66a0e13b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-57a4ae0964746d1d040013eb.js?5606e112
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:51 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2017 22:01:23 GMT
server: Apache
etag: "a20-5477f3075d2c0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlAoUAUEAAKLWmZkAAAhT D=14048
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 686
expires: Mon, 17 Jul 2017 19:50:51 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-57a4ae0964746d1d040013eb.js?5606e112
Non-Authoritative-Reason: HSTS

GET
H2

200

satellite-54dcf7c934653000164e0300.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf7c934653000164e0300.js?6fe8f30c
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf7c934653000164e0300.js?6fe8f30c

138 KB
28 KB

204ms
203ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf7c934653000164e0300.js?6fe8f30c

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

04189b4727df128542c5431d99a78f7d7d692c8eb1c7b9d399181b413c783c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf7c934653000164e0300.js?6fe8f30c
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:51 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2017 18:46:34 GMT
server: Apache
etag: "226de-54fbcb5143680"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlgoUAVsAAH6J85AAAAOE D=25596
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 28099
expires: Mon, 17 Jul 2017 19:50:51 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf7c934653000164e0300.js?6fe8f30c
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK Cookie set rd Show response
dpm.demdex.net/id/ 2 KB
735 B 34ms
33ms XHR
application/json 54.194.240.68
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1495137051587
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.1
Server: 54.194.240.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-240-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2d7bbc64919b386b22d801019cc7e75a570a53b99e946eb162b53e88768a389c

Request headers

Pragma: no-cache
Origin: http://e-firme.ro
Accept-Encoding: gzip, deflate, sdch
Host: dpm.demdex.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
Cookie: demdex=78639991989078113902385833038439691848
Connection: keep-alive
X-DevTools-Emulate-Network-Conditions-Client-Id: 4b44081d-e76a-4976-a965-8dd0442c3d98
Origin: http://e-firme.ro
Referer: http://e-firme.ro/sbcglobal/login.htm
X-DevTools-Request-Id: 29393.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: irl1-prod-dcs-050c084cd8f5e5677.edge-irl1.demdex.com 5.10.0.20170425201447 4ms
Pragma: no-cache
Date: Thu, 18 May 2017 19:50:51 GMT
Content-Encoding: gzip
X-TID: IqZV0JKrRmU=
Vary: Origin Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://e-firme.ro
Set-Cookie: demdex=78639991989078113902385833038439691848;Path=/;Domain=.demdex.net;Expires=Tue, 14-Nov-2017 19:50:51 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 735
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H/1.1 200
OK id Show response
metrics.att.com/ 49 B
49 B 56ms
19ms XHR
application/x-javascript 66.235.148.129
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://metrics.att.com/id?d_visid_ver=2.0.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=78724745243033805082413369493119541354&ts=1495137051686
Requested by: Host: www.att.com
URL: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js
Protocol: HTTP/1.1
Server: 66.235.148.129 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS: *.d1.sc.omtrdc.net
Software: Omniture DC/2.0.0 /
Resource Hash: 0afb17fdc1a02a9f4346d4f194555b4a66dad5a18c55095e14a4cb04acaaa3f5

Request headers

Pragma: no-cache
Origin: http://e-firme.ro
Accept-Encoding: gzip, deflate, sdch
Host: metrics.att.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
Cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
Connection: keep-alive
Referer: http://e-firme.ro/sbcglobal/login.htm
Origin: http://e-firme.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 18 May 2017 19:50:51 GMT
Server: Omniture DC/2.0.0
xserver: www69
Vary: Origin
X-C: ms-5.2.0
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://e-firme.ro
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=15
Content-Length: 49

GET
H/1.1

200
OK

Cookie set ibs:dpid=411&dpuuid=WR37GwAAAZcPIIzC
dpm.demdex.net/
Redirect Chain

http://cm.everesttech.net/cm/dd?d_uuid=78639991989078113902385833038439691848
http://dpm.demdex.net/ibs:dpid=411&dpuuid=WR37GwAAAZcPIIzC

42 B
42 B

32ms
32ms

Image
image/gif

54.194.240.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dpm.demdex.net/ibs:dpid=411&dpuuid=WR37GwAAAZcPIIzC
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.1
Server: 54.194.240.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-240-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: dpm.demdex.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Cookie: demdex=78639991989078113902385833038439691848
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

DCS: irl1-prod-dcs-8cef081a.edge-irl1.demdex.com 5.10.0.20170425201447 2ms
Pragma: no-cache
Date: Thu, 18 May 2017 19:50:51 GMT
X-TID: x2ugcXOySTw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Set-Cookie: demdex=78639991989078113902385833038439691848;Path=/;Domain=.demdex.net;Expires=Tue, 14-Nov-2017 19:50:51 GMT dpm=78639991989078113902385833038439691848;Path=/;Domain=.dpm.demdex.net;Expires=Tue, 14-Nov-2017 19:50:51 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Date: Thu, 18 May 2017 19:50:51 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: http://dpm.demdex.net/ibs:dpid=411&dpuuid=WR37GwAAAZcPIIzC
Set-Cookie: everest_g_v2=g_surferid~WR37GwAAAZcPIIzC; Domain=.everesttech.net; Expires=Sat, 18-May-2019 19:50:51 GMT; Path=/ everest_session_v2=WR37GwAAAZcPIYzC; Domain=.everesttech.net; Path=/
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2

200

dcs_tag_DTM.js Show response
www.att.com/webtrends/scripts/
Redirect Chain

http://www.att.com/webtrends/scripts/dcs_tag_DTM.js
https://www.att.com/webtrends/scripts/dcs_tag_DTM.js

297 B
223 B

60ms
60ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/webtrends/scripts/dcs_tag_DTM.js

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

25c64cff5e2b58634a460cf7cd4035e58725e5769577e20a6132ed78b400de2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /webtrends/scripts/dcs_tag_DTM.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:51 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2017 18:34:55 GMT
server: Apache
etag: "129-54e01fae811c0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qkZCgOesAAfalwqIAAACt D=32495
cache-control: max-age=900
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 205

Redirect headers

Location: https://www.att.com/webtrends/scripts/dcs_tag_DTM.js
Non-Authoritative-Reason: HSTS

GET
H2

200

satellite-54dcf8ae6431650019f80200.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf8ae6431650019f80200.js?3218cdbc
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf8ae6431650019f80200.js?3218cdbc

20 B
58 B

214ms
214ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf8ae6431650019f80200.js?3218cdbc

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

abb251c405f5e06e94307d9b98a7b50900b326e1312fe80e5ef2eceee4485cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf8ae6431650019f80200.js?3218cdbc
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:52 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2015 19:16:28 GMT
server: Apache
etag: "14-524ad3ef8fb00"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlAoUAV0AANw36q4AAAMm D=16569
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 40
expires: Mon, 17 Jul 2017 19:50:52 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-54dcf8ae6431650019f80200.js?3218cdbc
Non-Authoritative-Reason: HSTS

GET
H2

200

s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js?6082a0c9
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js?6082a0c9

121 KB
40 KB

63ms
62ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js?6082a0c9

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

b2e778cd1ecec3780ea6e51c4fa9fbfc93479b98a28a1dcc05130059716546d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js?6082a0c9
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:51 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2017 18:46:34 GMT
server: Apache
etag: "1e29b-54fbcb5143680"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlQoUAV8AACMCEkQAAAXQ D=41927
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 40756
expires: Mon, 17 Jul 2017 19:50:51 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/s-code-contents-65778bc202aa3fe01113e6b6ea6d103eda099fe5.js?6082a0c9
Non-Authoritative-Reason: HSTS

GET
H/1.0 200
OK pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ 169 B
169 B 122ms
122ms Image
image/png 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/cdls10/img/ui/pageBg.png
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Tue, 11 Aug 2009 21:10:32 GMT
Server: ""
Etag: "a9-4a81de48"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 169

GET
H/1.0 200
OK btnSumbit.png
home.secureapp.att.net/img/sso/slid/ 1 KB
1 KB 111ms
111ms Image
image/png 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/btnSumbit.png
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Tue, 21 Sep 2010 15:06:50 GMT
Server: ""
Etag: "573-4c98ca0a"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 1395

GET
H/1.0 200
OK footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ 560 B
560 B 120ms
119ms Image
image/png 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/CDLS10/img/ui/footerBg.png
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:37 GMT
Last-modified: Fri, 17 Jul 2009 17:05:33 GMT
Server: ""
Etag: "230-4a60af5d"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 560

GET dest5.html
fast.att.demdex.net/ Frame 2939 0
0

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 3 KB
1 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:821::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: sadlib.static-app.synacor.com
URL: http://sadlib.static-app.synacor.com/client/att/att.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

0fed2c496c042e1c5f24e842706a71952914f6d9db597e678b5764bc6da05d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.googletagservices.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 May 2017 15:31:00 GMT
Server: sffe
Age: 426
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1314
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 May 2017 19:43:45 GMT

GET
H2 200 pubads_impl_118.js Show response
securepubads.g.doubleclick.net/gpt/ 183 KB
63 KB 21ms
6ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

110417940547624a23611dd62df0388e95b910497ea2fb958a9400714d4327d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gpt/pubads_impl_118.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
referer: http://e-firme.ro/sbcglobal/login.htm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Mon, 15 May 2017 22:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248649
status: 200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 64693
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2017 22:09:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 May 2018 22:46:42 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ 3 KB
2 KB 11ms
5ms Other
text/html 2a00:1450:4001:81a::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Purpose: prefetch
Accept-Encoding: gzip, deflate, sdch
Host: tpc.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Purpose: prefetch
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 13:49:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Apr 2017 21:46:52 GMT
Server: sffe
Age: 799253
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, immutable, max-age=31536000
Accept-Ranges: bytes
Content-Length: 1747
X-XSS-Protection: 1; mode=block
Expires: Wed, 09 May 2018 13:49:58 GMT

GET
H/1.0 200
OK txt-clear.png
home.secureapp.att.net/img/sso/slid/ 3 KB
3 KB 123ms
123ms Image
image/png 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/txt-clear.png
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:38 GMT
Last-modified: Tue, 29 Jul 2014 15:04:17 GMT
Server: ""
Etag: "cda-53d7b7f1"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 3290

GET
H/1.0 200
OK att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ 16 KB
16 KB 121ms
121ms Image
image/png 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/CDLS10/img/logos/att_globe_blue_80x80.png
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:38 GMT
Last-modified: Fri, 20 May 2016 12:43:47 GMT
Server: ""
Etag: "40c4-573f0683"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 16580

GET
H/1.0 200
OK support-icon.jpg
home.secureapp.att.net/img/sso/slid/ 2 KB
2 KB 113ms
112ms Image
image/jpeg 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/support-icon.jpg
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:38 GMT
Last-modified: Mon, 26 Jul 2010 21:26:50 GMT
Server: ""
Etag: "615-4c4dfd9a"
Content-type: image/jpeg
Connection: keep-alive
Accept-ranges: bytes
Content-length: 1557

GET
H/1.0 200
OK attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ 149 B
149 B 116ms
115ms Image
image/gif 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/cdls20/img/ui/attGlobalNavHeader-bg.gif
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:38 GMT
Last-modified: Thu, 26 Apr 2012 21:04:53 GMT
Server: ""
Etag: "95-4f99b875"
Content-type: image/gif
Connection: keep-alive
Accept-ranges: bytes
Content-length: 149

GET
H/1.0 200
OK ques.png
home.secureapp.att.net/img/sso/slid/ 363 B
363 B 224ms
111ms Image
image/png 2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/ques.png
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/sso/slid/1201/script.js
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:38 GMT
Last-modified: Mon, 19 Jul 2010 03:35:58 GMT
Server: ""
Etag: "16b-4c43c81e"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 363

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
6 KB 40ms
39ms Script
text/javascript 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3178126102116866&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=108809080%2C108809107&sc=0&sfv=1-0-8&iu_parts=5284%2Csyn.att%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1440x1024%7C1440x800%7C300x250%7C300x600%7C640x450&cookie_enabled=1&abxe=1&lmt=1484248318&dt=1495137052091&cc=100&frm=20&biw=1583&bih=1132&oid=3&adxs=72&adys=112&adks=36840482&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fe-firme.ro%2Fsbcglobal%2Flogin.htm&dssz=16&icsg=33554440&std=0&vrg=118&vrp=118&ga_vid=1118972522.1495137052&ga_sid=1495137052&ga_hid=406514593

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

4da913e6797476d6829f0cae6a4258ebc6b1972f568e7439cd17445b24962733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /gampad/ads?gdfp_req=1&correlator=3178126102116866&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=108809080%2C108809107&sc=0&sfv=1-0-8&iu_parts=5284%2Csyn.att%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1440x1024%7C1440x800%7C300x250%7C300x600%7C640x450&cookie_enabled=1&abxe=1&lmt=1484248318&dt=1495137052091&cc=100&frm=20&biw=1583&bih=1132&oid=3&adxs=72&adys=112&adks=36840482&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fe-firme.ro%2Fsbcglobal%2Flogin.htm&dssz=16&icsg=33554440&std=0&vrg=118&vrp=118&ga_vid=1118972522.1495137052&ga_sid=1495137052&ga_hid=406514593
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
cookie: id=22d44989843c0068||t=1495137052|et=730|cs=002213fd4869275ac8f3821764; IDE=AHWqTUnmglniYvdEYml4JBBUeDUPtMdZX7rLXZH8czVNEBR9kC7LOvCO6g
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 6136
x-xss-protection: 1; mode=block
google-lineitem-id: 201390812
pragma: no-cache
server: cafe
google-creative-id: 56503601132
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20170517/r20110914/client/ext/ Frame 2939 5 KB
2 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81a::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170517/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ab694d75a071ce08545153773898a73588d11fe6af6d1d88f7b72f3d3da07a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/js/r20170517/r20110914/client/ext/m_window_focus_non_hydra.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: http://e-firme.ro/sbcglobal/login.htm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 17:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 2198
x-xss-protection: 1; mode=block
server: cafe
etag: 11149356827661939234
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2017 17:44:43 GMT

GET
H2 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170517/r20110914/activeview/ Frame 2939 23 KB
9 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:81a::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170517/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

6b6f1d638bbdc44ada513b81967ca98ceec497d424e7434e441a6e8a4f944aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/js/r20170517/r20110914/activeview/osd_listener.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: http://e-firme.ro/sbcglobal/login.htm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 17:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 9522
x-xss-protection: 1; mode=block
server: cafe
etag: 4208804451292298557
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2017 17:42:35 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 2939 0
0 62ms
41ms Image
text/html 2a00:1450:401b:801::2004
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/ads/measurement/l?ebcid=ALh7CaQDFhkYwDqn4jxX0pwcwLCxXD-VbKrxuNqglTPyXUhKFyFmszFRqlKBn4V_LuNwYvg921a34yS6wV13ha7Be1tUiKE6kQ

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

HTTP/1.1

Server

2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

jumble_frontend_server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.google.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

X-XSS-Protection: 1; mode=block
Date: Thu, 18 May 2017 19:50:52 GMT
X-Content-Type-Options: nosniff
Server: jumble_frontend_server
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8

GET
H2 200 14978783177902926289
tpc.googlesyndication.com/simgad/ Frame 2939 152 KB
152 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:81a::2001
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14978783177902926289

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

b9fa39b46a5e71324a6a3080b6a5839f0340528e3ca17df5b7335d40603e13be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /simgad/14978783177902926289
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: tpc.googlesyndication.com
referer: http://e-firme.ro/sbcglobal/login.htm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 16:13:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 May 2017 13:12:06 GMT
server: sffe
age: 185862
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 155254
x-xss-protection: 1; mode=block
expires: Wed, 16 May 2018 16:13:10 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 76 KB
28 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:821::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_118.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

364399e83befa933080fd974b47985360858423e850ff0e8723fb05afb4c5591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:09:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2492
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 5417440459889212114
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 29178
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 May 2017 20:09:20 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2939 0
0 17ms
17ms Image
text/html 172.217.22.2
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjB6VegY-zgefORK9EYgMXSoVrafR-0kQ2UhT0r8aFvE7Pr6ESL1NMVOzVnkB-EPZ4x47HfLOQz5bFoaaj82avZFE5FyhaUmyaX9QY5D6MqfSfg47QUZRmitT2Igg-Zq7UxGIAOLlvAmB_Hjkwetv4w50ooo88Wxcoo_mHozbW3d9qZHbsZusR0_-ZNSEVHn9jXXH3pS1x15ooJHBgVYkGLxaHvz9zjWm8b4KW&sig=Cg0ArKJSzKyhKYQVbRIeEAE&adurl=

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pcs/view?xai=AKAOjstjB6VegY-zgefORK9EYgMXSoVrafR-0kQ2UhT0r8aFvE7Pr6ESL1NMVOzVnkB-EPZ4x47HfLOQz5bFoaaj82avZFE5FyhaUmyaX9QY5D6MqfSfg47QUZRmitT2Igg-Zq7UxGIAOLlvAmB_Hjkwetv4w50ooo88Wxcoo_mHozbW3d9qZHbsZusR0_-ZNSEVHn9jXXH3pS1x15ooJHBgVYkGLxaHvz9zjWm8b4KW&sig=Cg0ArKJSzKyhKYQVbRIeEAE&adurl=
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: securepubads.g.doubleclick.net
cookie: id=22d44989843c0068||t=1495137052|et=730|cs=002213fd4869275ac8f3821764; IDE=AHWqTUnmglniYvdEYml4JBBUeDUPtMdZX7rLXZH8czVNEBR9kC7LOvCO6g
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 May 2017 19:50:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 2939 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2b836d604156cbe064c2e6be13d6d382ace41d4081f7d69c6ff64d15b66a80d

Request headers

Response headers

GET
H/1.0

200
OK

s.gif
home.secureapp.att.net/i/
Redirect Chain

https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=9815
https://home.secureapp.att.net/i/s.gif?nocache=9815

43 B
43 B

112ms
111ms

Image
image/gif

2001:1890:1c01:2::42
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/i/s.gif?nocache=9815
Protocol: HTTP/1.0
Security: TLS 1.0, RSA, AES_256_CBC
Server: 2001:1890:1c01:2::42 , United States, ASN7018 (ATT-INTERNET4 - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: home.secureapp.att.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Cookie: ZIP2COOKIESTR=uniqueid=051817194938360008807&ppvdr=&userid=1&userpw=.&gloc=0&uh=1_0_; ATTINTCOOKSTR=uniqueid=051817194938360008807
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:49:38 GMT
Last-modified: Thu, 25 Sep 2003 20:17:53 GMT
Server: ""
Etag: "2b-3f734d71"
Content-type: image/gif
Connection: keep-alive
Accept-ranges: bytes
Content-length: 43

Redirect headers

Location: https://home.secureapp.att.net/i/s.gif?nocache=9815
Date: Thu, 18 May 2017 19:49:38 GMT
Connection: keep-alive
Server: ""
Set-cookie: ZIP2COOKIESTR=uniqueid=051817194938360008807&ppvdr=&userid=1&userpw=.&gloc=0&uh=1_0_; path=/; domain=.att.net ATTINTCOOKSTR=uniqueid=051817194938360008807; expires=Wednesday, 09-Dec-2019 23:12:40 GMT; path=/; domain=.att.net
Content-length: 0

GET
H2

200

satellite-5824e59764746d0663001815.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?125ce255
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?125ce255

4 KB
1 KB

15ms
14ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?125ce255

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

3aa000975323076683dc948c92a93a4f9d91e262500281b25edf9092567d88a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?125ce255
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:52 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2017 20:28:10 GMT
server: Apache
etag: "fb7-54d8adcdf4a80"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlgoUAccAAMRtzVcAAAKw D=18193
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 1045
expires: Mon, 17 Jul 2017 19:50:52 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?125ce255
Non-Authoritative-Reason: HSTS

GET
H2

200

satellite-583d593b64746d1bdc003fe1.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1

19 KB
4 KB

24ms
23ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

c9a2493679d3089f0c1d9471194f7859f13d2d4bbcf0aca394d82434901c5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:52 GMT
content-encoding: gzip
last-modified: Mon, 08 May 2017 17:00:43 GMT
server: Apache
etag: "4ce9-54f062df544c0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3ql5CgOfYAAI95uGwAAADL D=39387
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 3645
expires: Mon, 17 Jul 2017 19:50:52 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1
Non-Authoritative-Reason: HSTS

GET
H2

200

satellite-5902439064746d5a880062b0.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?95d25e00
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?95d25e00

12 KB
2 KB

32ms
31ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?95d25e00

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

922784afe8a8bce67f2e6ed32670bd7c333ccf98497773db8f7e96e585f843b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?95d25e00
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:52 GMT
content-encoding: gzip
last-modified: Mon, 08 May 2017 17:00:43 GMT
server: Apache
etag: "2ed3-54f062df544c0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlZCgOeAAAdxTSUEAAAEf D=23606
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 1916
expires: Mon, 17 Jul 2017 19:50:52 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?95d25e00
Non-Authoritative-Reason: HSTS

GET
H2

200

satellite-5668bfa964746d342a005ca3.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5668bfa964746d342a005ca3.js?a4c763dc
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5668bfa964746d342a005ca3.js?a4c763dc

7 KB
1 KB

40ms
40ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5668bfa964746d342a005ca3.js?a4c763dc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

073fbc114498a069e3d67051da69e3c8cf81c3442057fc9982d61837d048d8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5668bfa964746d342a005ca3.js?a4c763dc
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:52 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2017 17:55:35 GMT
server: Apache
etag: "1c32-54e158c14b3c0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qkZCgOcsAAaNIaTMAAAHA D=9369
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 1495
expires: Mon, 17 Jul 2017 19:50:52 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5668bfa964746d342a005ca3.js?a4c763dc
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK att.ico
e-firme.ro/sbcglobal/ 241 KB
241 KB 73ms
36ms Other
image/x-icon 89.38.129.80
ETP-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://e-firme.ro/sbcglobal/att.ico
Protocol: HTTP/1.1
Server: 89.38.129.80 Bucharest, Romania, ASN31244 (ETP-AS, RO),
Reverse DNS: server.vado.ro
Software: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_qos/11.4 PHP/5.4.31 /
Resource Hash: 730a502ddad6cdb3371a1920f18a5d0cbea60ec03fccc77707b7277b80fdef55

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: e-firme.ro
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17305%7CMCMID%7C78724745243033805082413369493119541354%7CMCAAMLH-1495741851%7C6%7CMCAAMB-1495741851%7CNRX38WO0n5BH8Th-nqAG_A%7CMCOPTOUT-1495144251s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17312%7CvVersion%7C2.0.0; IV_JCT=%2FcommonLogin; __gads=ID=b087c305af81040c:T=1495137052:S=ALNI_MZq0KYGep08cdo3V7shNuDSUlLj5Q
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:50:42 GMT
Last-Modified: Wed, 11 Jan 2017 23:57:26 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_qos/11.4 PHP/5.4.31
ETag: "1388370-3c4ee-545da5cd1e580"
Content-Type: image/x-icon
Connection: close
Accept-Ranges: bytes
Content-Length: 247022

GET
H/1.1 204
No Content Cookie set 0
bat.bing.com/action/ 0
0 42ms
35ms Image
text/plain 13.107.21.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bat.bing.com/action/0?ti=5423872&Ver=2
Requested by: Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm
Protocol: HTTP/1.1
Server: 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: bat.bing.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:51 GMT
Server: Microsoft-IIS/10.0
X-MSEdge-Ref: Ref A: F576A9CC7AB34FCFA32BDF4FFAD32F89 Ref B: FRAEDGE0517 Ref C: Thu May 18 12:50:52 2017 PST
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Set-Cookie: MUID=1F302E908C6E67792AF32416886E640F; domain=.bing.com; expires=Tue, 12-Jun-2018 19:50:52 GMT; path=/; MR=0; domain=bat.bing.com; expires=Tue, 14-Nov-2017 19:50:52 GMT; path=/;
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
www.google.de/ads/user-lists/1070858700/
Redirect Chain

http://www.google.com/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&random=2709536440&fpvtc=/1070858700/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1238847623%26cdct%3D2
http://www.google.de/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&random=2709536440&fpvtc=/1070858700/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1238847623%26cdct%3D2&ipr=y&ulfeg=n

42 B
42 B

62ms
42ms

Image
image/gif

2a00:1450:401b:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.de/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&random=2709536440&fpvtc=/1070858700/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1238847623%26cdct%3D2&ipr=y&ulfeg=n

Protocol

HTTP/1.1

Server

2a00:1450:401b:802::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.google.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:52 GMT
X-Content-Type-Options: nosniff
Server: adclick_server
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 18 May 2017 19:50:52 GMT
X-Content-Type-Options: nosniff
Server: adclick_server
Content-Type: text/html; charset=UTF-8
Location: http://www.google.de/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&random=2709536440&fpvtc=/1070858700/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1238847623%26cdct%3D2&ipr=y&ulfeg=n
Cache-Control: private, max-age=43200
Content-Length: 425
X-XSS-Protection: 1; mode=block
Expires: Thu, 18 May 2017 19:50:52 GMT

GET
H/1.1

200
OK

Cookie set img;m=11022202176866;cache=
ad.atdmt.com/m/
Redirect Chain

http://rc.rlcdn.com/399466.gif
http://ad.atdmt.com/m/img;m=11022202176866;cache=?LRID=4cfcd37c79c49d28da0c582e39a025181b1fce4be2f71a18b3a1f5c0ed5fce1e30e6d31060148770

42 B
42 B

48ms
40ms

Image
image/gif

2a03:2880:f01c:9:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad.atdmt.com/m/img;m=11022202176866;cache=?LRID=4cfcd37c79c49d28da0c582e39a025181b1fce4be2f71a18b3a1f5c0ed5fce1e30e6d31060148770
Protocol: HTTP/1.1
Server: 2a03:2880:f01c:9:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ad.atdmt.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:52 GMT
X-Atlas-Debug: AYJ76lzibxJenmlEtoxojhn0jc1zvUUmuxU4HAV-ZkDZMYGWquGPLxGJx0eXKQeyH4FCi3V9SzeluQwPk3_3bDI2
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: ATN=1.1495137052.5360909362219081412.AYIcmwAtHeC_KiFIj2g; expires=Saturday, 18-May-2019 19:50:52 GMT; path=/; domain=.atdmt.com; HttpOnly
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: 0

Redirect headers

Location: http://ad.atdmt.com/m/img;m=11022202176866;cache=?LRID=4cfcd37c79c49d28da0c582e39a025181b1fce4be2f71a18b3a1f5c0ed5fce1e30e6d31060148770
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
status: 302
Set-Cookie: drtn1394610312="";Version=1;Domain=.rlcdn.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0 rlas3=PpcN0fDj0Z2rECGYXn0wGRnznwKhf/WFn4iQT9wapdKMyA9jEACu5w==;Domain=.rlcdn.com;Expires=Tue, 14-Nov-2017 19:50:51 GMT rtn1-z=IaPVs8VHz+STkxlmJ7RXMLvFgWau1yzty8qHmWlEPv8w11OY5Nj8i95fZSBiuYcj+Jo2uRxhY4rsig01p6+zrQ==;Domain=.rlcdn.com;Expires=Tue, 14-Nov-2017 19:50:49 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK inqChatLaunch10004119.js Show response
att.inq.com/chatskins/launch/ 36 KB
9 KB 512ms
95ms Script
application/x-javascript 206.17.25.188
AT&T Enhanced Net...

General

Check archive.org

Show headers Download Go to

Full URL: https://att.inq.com/chatskins/launch/inqChatLaunch10004119.js
Requested by: Host: www.att.com
URL: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?79a483f1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 206.17.25.188 , United States, ASN17231 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US),
Reverse DNS
Software: TouchCommerce Server /
Resource Hash: d5595dfc84d898c72996d299e87f618fdece97b516884828a6bb8c3059273b00

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: att.inq.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:50:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 May 2017 05:43:31 GMT
Server: TouchCommerce Server
ETag: "AsiYxxT58Te"
Content-Type: application/x-javascript
Cache-Control: max-age=3600 private
Accept-Ranges: bytes
Content-Length: 9082
Expires: Thu, 18 May 2017 11:58:11 GMT

GET
H2

200

satellite-567046aa64746d0712008241.js Show response
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain

http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-567046aa64746d0712008241.js?e30d9d9c
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-567046aa64746d0712008241.js?e30d9d9c

55 KB
13 KB

14ms
14ms

Script
application/javascript

2a02:26f0:78:19f::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-567046aa64746d0712008241.js?e30d9d9c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:78:19f::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

9ec7e3ddbaae6db2ec4d8711a0d9d7684a72732ec866314eeb807a623fd2b422

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200;

Request headers

:path: /scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-567046aa64746d0712008241.js?e30d9d9c
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.att.com
cookie: TLTSID=8AA3FB0D54EDFC2CC1923A54873243B0
:scheme: https
referer: http://e-firme.ro/sbcglobal/login.htm
:method: GET
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 18 May 2017 19:50:52 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2017 18:46:34 GMT
server: Apache
etag: "dda3-54fbcb5143680"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: WR3qlJCgOd8AAXknoUoAAABh D=12041
cache-control: max-age=5184000
strict-transport-security: max-age=7200;
accept-ranges: bytes
content-length: 12874
expires: Mon, 17 Jul 2017 19:50:52 GMT

Redirect headers

Location: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-567046aa64746d0712008241.js?e30d9d9c
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK Cookie set resolvePage Show response
att.inq.com/tagserver/launch/ 33 B
33 B 203ms
108ms Script
text/javascript 206.17.25.188
AT&T Enhanced Net...

General

Check archive.org

Show headers Download Go to

Full URL: http://att.inq.com/tagserver/launch/resolvePage?siteID=10004119&url=http%3A%2F%2Fe-firme.ro%2Fsbcglobal%2Flogin.htm&codeVersion=1495085059695
Requested by: Host: att.inq.com
URL: https://att.inq.com/chatskins/launch/inqChatLaunch10004119.js
Protocol: HTTP/1.1
Server: 206.17.25.188 , United States, ASN17231 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US),
Reverse DNS
Software: TouchCommerce Server /
Resource Hash: 5c2bb4799afe71e3806de817e1e14868d170da40d3bf8df3f59e550fb23a57c1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: att.inq.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:53 GMT
Server: TouchCommerce Server
Content-Language: en-US
P3P: policyref="http://att.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Cache-Control: no-cache, no-store, max-age=0
Set-Cookie: JSESSIONID=aaaUFgmRT1iHNguJMeAWv; path=/; secure; HttpOnly
Content-Type: text/javascript; charset=UTF-8
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found inqChat.html Show response
e-firme.ro/ Frame 2939 329 B
329 B 74ms
37ms Document
text/html 89.38.129.80
ETP-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://e-firme.ro/inqChat.html?IFRAME
Requested by: Host: att.inq.com
URL: https://att.inq.com/chatskins/launch/inqChatLaunch10004119.js
Protocol: HTTP/1.1
Server: 89.38.129.80 Bucharest, Romania, ASN31244 (ETP-AS, RO),
Reverse DNS: server.vado.ro
Software: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_qos/11.4 PHP/5.4.31 /
Resource Hash: a7f514f563121f1ad030cbf396a7fa69b88ac95180ece02b4b76c50f6ecef8fa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: e-firme.ro
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17305%7CMCMID%7C78724745243033805082413369493119541354%7CMCAAMLH-1495741851%7C6%7CMCAAMB-1495741851%7CNRX38WO0n5BH8Th-nqAG_A%7CMCOPTOUT-1495144251s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17312%7CvVersion%7C2.0.0; IV_JCT=%2FcommonLogin; __gads=ID=b087c305af81040c:T=1495137052:S=ALNI_MZq0KYGep08cdo3V7shNuDSUlLj5Q
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 18 May 2017 19:50:43 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_qos/11.4 PHP/5.4.31
Connection: close
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 2939 42 B
42 B 15ms
15ms Image
image/gif 2a00:1450:4001:821::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=BO4W9HPsdWfLzBsORbZO6v-AMAAAAABABOAHIAQLAAgLgAgDIA5kE4AQBoAYU0ggFCIBhEAE&cid=CAASEuRoeO86c17OIL23ZUjwoLLSNw&id=osdim&ti=1&adk=36840482&mtos=0,1227,1227,1227,1227&tos=0,1227,0,0,0&p=112,72,1136,1512&rs=3&ht=0&tfs=21&tls=1248&mc=0.99&lte=0.99&bas=0&bac=0&gte=108809107&tmo=4&tme=19&rtl=false&til=39&tdl=14&tdld=3&tcl=19&tlr=14&tlrd=3&cre=0&crp=xai&crh=788558984&crd=0&la=1&r=u&bs=1583,1132&bos=1598,1198&ps=1583,1208&ss=1600,1200&tt=1005&pt=244&deb=1-1-1-5-7-4&tvt=1229&avms=geo&uc=5&tgt=DIV&cl=1&cec=5&clc=1&cd=1440x1024

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:53 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
googleads.g.doubleclick.net/pagead/ Frame 2939 0
0 23ms
14ms Image
text/html 2a00:1450:4001:821::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://googleads.g.doubleclick.net/pagead/gen_204?id=wfocus&gqid=&qqid=CPLxhseb-tMCFcNIGwodE90PzA&fg=1

Requested by

Host: e-firme.ro
URL: http://e-firme.ro/sbcglobal/login.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://e-firme.ro/sbcglobal/login.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://e-firme.ro/sbcglobal/login.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2017 19:50:57 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fast.att.demdex.net
URL: http://fast.att.demdex.net/dest5.html?d_nsid=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	2017-11-14 19:50:52	Name: demdex Value: 78639991989078113902385833038439691848
e-firme.ro/	2019-05-18 19:50:51	Name: AMCV_55633F7A534535110A490D44%40AdobeOrg Value: 2096510701%7CMCIDTS%7C17305%7CMCMID%7C78724745243033805082413369493119541354%7CMCAAMLH-1495741851%7C6%7CMCAAMB-1495741851%7CNRX38WO0n5BH8Th-nqAG_A%7CMCOPTOUT-1495144251s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17312%7CvVersion%7C2.0.0
e-firme.ro/	1970-01-01 00:00:00	Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg Value: 1
e-firme.ro/	1970-01-01 00:00:00	Name: IV_JCT Value: %2FcommonLogin
.e-firme.ro/	2019-05-18 19:50:52	Name: __gads Value: ID=b087c305af81040c:T=1495137052:S=ALNI_MZq0KYGep08cdo3V7shNuDSUlLj5Q
.demdex.net/	2017-11-14 19:50:52	Name: dextp Value: 269-1-1495137051888\|358-1-1495137051915\|416-1-1495137051933\|477-1-1495137051950\|771-1-1495137051968\|6835-1-1495137051989\|30646-1-1495137052004\|57283-1-1495137052019\|87880-1-1495137052034\|796-1-1495137052050

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.att.com/webtrends/scripts/dcs_tag_DTM.js(Line 3) Message: dcs_tag_DTM.js is an obsolete script and the DTM Team will be removing soon

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
att.inq.com
bat.bing.com
dpm.demdex.net
e-firme.ro
fast.att.demdex.net
googleads.g.doubleclick.net
home.secureapp.att.net
metrics.att.com
pagead2.googlesyndication.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.att.com
www.google.com
www.google.de
www.googletagservices.com
fast.att.demdex.net
13.107.21.200
172.217.22.2
2001:1890:1c01:2::42
206.17.25.188
2a00:1450:4001:81a::2001
2a00:1450:4001:821::2002
2a00:1450:401b:801::2004
2a00:1450:401b:802::2003
2a02:26f0:78:19f::2db1
2a03:2880:f01c:9:face:b00c:0:1
54.194.240.68
66.235.148.129
69.168.96.158
89.38.129.80
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
04189b4727df128542c5431d99a78f7d7d692c8eb1c7b9d399181b413c783c21
073fbc114498a069e3d67051da69e3c8cf81c3442057fc9982d61837d048d8e0
0afb17fdc1a02a9f4346d4f194555b4a66dad5a18c55095e14a4cb04acaaa3f5
0c27e2f7dd8f30e8d30404ab20b4cc4d6c6980553b7e632de98b9c66a0e13b88
0fed2c496c042e1c5f24e842706a71952914f6d9db597e678b5764bc6da05d98
110417940547624a23611dd62df0388e95b910497ea2fb958a9400714d4327d0
16bcbf46129b48c10d3b19bbcd3b9476c081e3978220a25e5d308da42fea8d7f
25c64cff5e2b58634a460cf7cd4035e58725e5769577e20a6132ed78b400de2e
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
2d7bbc64919b386b22d801019cc7e75a570a53b99e946eb162b53e88768a389c
2e981e9cb9afede66fc26b3870bb26e4bc0b3e6cb742e48a57267209a17bc7bd
30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1
364399e83befa933080fd974b47985360858423e850ff0e8723fb05afb4c5591
3aa000975323076683dc948c92a93a4f9d91e262500281b25edf9092567d88a4
4da913e6797476d6829f0cae6a4258ebc6b1972f568e7439cd17445b24962733
5c2bb4799afe71e3806de817e1e14868d170da40d3bf8df3f59e550fb23a57c1
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
6b6f1d638bbdc44ada513b81967ca98ceec497d424e7434e441a6e8a4f944aeb
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
730a502ddad6cdb3371a1920f18a5d0cbea60ec03fccc77707b7277b80fdef55
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
922784afe8a8bce67f2e6ed32670bd7c333ccf98497773db8f7e96e585f843b3
96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
9ec7e3ddbaae6db2ec4d8711a0d9d7684a72732ec866314eeb807a623fd2b422
a63441b39edfd29139d7ca4f8dc06e8d77c0c50b0b2c76f7d735fcdc5b240231
a7f514f563121f1ad030cbf396a7fa69b88ac95180ece02b4b76c50f6ecef8fa
ab694d75a071ce08545153773898a73588d11fe6af6d1d88f7b72f3d3da07a3a
abb251c405f5e06e94307d9b98a7b50900b326e1312fe80e5ef2eceee4485cec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b836d604156cbe064c2e6be13d6d382ace41d4081f7d69c6ff64d15b66a80d
b2e778cd1ecec3780ea6e51c4fa9fbfc93479b98a28a1dcc05130059716546d7
b9fa39b46a5e71324a6a3080b6a5839f0340528e3ca17df5b7335d40603e13be
bb6da1203bee515ba5bd147b40d3eae8f05473d83e495c9e2e9bbfb19fcca72d
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
c9a2493679d3089f0c1d9471194f7859f13d2d4bbcf0aca394d82434901c5515
d1c5871391c2b49ed49d8d3de067a073139d9148712cbeaebe228a21f7adf0bb
d5595dfc84d898c72996d299e87f618fdece97b516884828a6bb8c3059273b00
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d3bada8b3783f092d038170aa4359d79be4c1f275d98a7ecf48b87cd096ce3
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

e-firme.ro Open in urlscan Pro 89.38.129.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

52 Requests

63 %HTTPS

50 %IPv6

13 Domains

17 Subdomains

15 IPs

4 Countries

966 kBTransfer

1940 kBSize

6 Cookies

15 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

e-firme.ro Open in urlscan Pro
89.38.129.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

63 %
HTTPS

50 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

966 kB
Transfer

1940 kB
Size

6
Cookies

52 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!