URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Submission: On May 07 via automatic, source phishtank

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 43 HTTP transactions. The main IP is 217.61.6.49, located in Frankfurt, Germany and belongs to XANDMAIL-ASN, DE. The main domain is jknhu.usa.cc.
This is the only time jknhu.usa.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
2 217.61.6.49 200185 (XANDMAIL-ASN)
1 15 216.77.188.90 6389 (BELLSOUTH...)
1 69.168.102.75 36271 (SYNACOR-C...)
4 104.109.72.38 20940 (AKAMAI-ASN1)
1 144.160.147.53 797 (AMERITECH-AS)
1 4 172.217.17.66 15169 (GOOGLE)
4 216.58.206.2 15169 (GOOGLE)
1 31.186.231.25 15570 (Internap ...)
3 216.58.207.34 15169 (GOOGLE)
1 13.107.21.200 8068 (MICROSOFT...)
1 1 216.58.206.4 15169 (GOOGLE)
1 216.58.206.3 15169 (GOOGLE)
1 34.197.34.89 14618 (AMAZON-AES)
2 206.17.25.188 17231 (ATT-CERFN...)
4 216.58.206.1 15169 (GOOGLE)
1 172.217.20.67 15169 (GOOGLE)
43 16
Domain Requested by
15 home.secureapp.att.net 1 redirects jknhu.usa.cc
home.secureapp.att.net
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
jknhu.usa.cc
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
jknhu.usa.cc
4 www.att.com jknhu.usa.cc
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 att.inq.com www.att.com
att.inq.com
2 jknhu.usa.cc att.inq.com
1 csi.gstatic.com tpc.googlesyndication.com
1 rc.rlcdn.com
1 www.google.nl
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 bat.bing.com
1 statse.webtrendslive.com loginprodx.att.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.nl www.googletagservices.com
1 www.googletagservices.com sadlib.static-app.synacor.com
1 loginprodx.att.net jknhu.usa.cc
1 sadlib.static-app.synacor.com jknhu.usa.cc
43 19

This site contains links to these domains:

Domain
www.att.net
www.att.com
uverseonline.att.net
elportal.att.net
home.secureapp.att.net

This page contains 3 frames:

Primary Page: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Frame ID: FB2E20221CFCFCF787AEF0B346CB7515
Requests: 36 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180502/r20110914/activeview/osd_listener.js
Frame ID: 032178B5236F7C317D67EF6B85DD515A
Requests: 7 HTTP requests in this frame

Frame: http://jknhu.usa.cc/inqChat.html?IFRAME
Frame ID: 980FC2394C66C416EB543B09D1F0B918
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Overall confidence: 100%
Detected patterns
  • html /<img[^>]+id="DCSIMG"[^>]+webtrends/i
  • env /^(?:WTOptimize|WebTrends)/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 43
HTTPS: 0 %
IPv6: 0 %
Domains: 14
Subdomains: 19
IPs: 16
Countries: 4
Transfer: 939 kB
Size: 1708 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?5a5ef010 HTTP 307
  • https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?5a5ef010
Request Chain 22
  • https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=6649 HTTP 302
  • https://home.secureapp.att.net/i/s.gif?nocache=6649
Request Chain 23
  • http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?df20bd64 HTTP 307
  • https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?df20bd64
Request Chain 24
  • http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?1456be05 HTTP 307
  • https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?1456be05
Request Chain 26
  • http://bat.bing.com/action/0?ti=5423872&Ver=2 HTTP 307
  • https://bat.bing.com/action/0?ti=5423872&Ver=2
Request Chain 27
  • http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070858700/?value=0&guid=ON&script=0 HTTP 302
  • http://www.google.com/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2316816137 HTTP 302
  • http://www.google.nl/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2316816137&ipr=y&ulfeg=n

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
jknhu.usa.cc/at&tadminfile/AT&T/
7 KB
7 KB
Document
General
Full URL
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.1
Server
217.61.6.49 Frankfurt, Germany, ASN200185 (XANDMAIL-ASN, DE),
Reverse DNS
host49-6-61-217.static.arubacloud.de
Software
Apache /
Resource Hash
a24f75c771ff8e958aa0a8cd32398f414526b371239ea07ae3b1db2f08368e09

Request headers

Host
jknhu.usa.cc
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
FB2E20221CFCFCF787AEF0B346CB7515

Response headers

Date
Mon, 07 May 2018 21:21:07 GMT
Server
Apache
Content-Length
7128
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
main.css
home.secureapp.att.net/css/sso/slid/1201/
28 KB
28 KB
Stylesheet
General
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/main.css
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
dfa2be020e3374a4b1c871c88ada990120fb198d4e8ff685ad35cfae88ad3466

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:27 GMT
Last-modified
Tue, 24 Oct 2017 04:39:16 GMT
Server
""
Etag
"6fd5-59eec3f4"
Content-type
text/css
Connection
keep-alive
Accept-ranges
bytes
Content-length
28629
jquery-1.5.1.min.js
home.secureapp.att.net/js/jquery/
83 KB
84 KB
Script
General
Full URL
https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:27 GMT
Last-modified
Fri, 11 Mar 2011 22:40:27 GMT
Server
""
Etag
"14d0c-4d7aa4db"
Content-type
application/x-javascript
Connection
keep-alive
Accept-ranges
bytes
Content-length
85260
jquery.simplemodal.js
home.secureapp.att.net/js/jquery/simplemodal/
9 KB
10 KB
Script
General
Full URL
https://home.secureapp.att.net/js/jquery/simplemodal/jquery.simplemodal.js
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
da0f28b0d18d448b29cb3ee6e742952e7247c627d3800d045ba1573ca1fc07f4

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:27 GMT
Last-modified
Tue, 27 Mar 2018 20:03:41 GMT
Server
""
Etag
"255a-5abaa39d"
Content-type
application/x-javascript
Connection
keep-alive
Accept-ranges
bytes
Content-length
9562
script.js
home.secureapp.att.net/js/sso/slid/1201/
47 KB
48 KB
Script
General
Full URL
https://home.secureapp.att.net/js/sso/slid/1201/script.js
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
db2a3260d580716fb8dae973b1b994f799f545d520b7a1636d473ecbdbdd2223

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:27 GMT
Last-modified
Fri, 29 Dec 2017 04:07:49 GMT
Server
""
Etag
"bdff-5a45bf95"
Content-type
application/x-javascript
Connection
keep-alive
Accept-ranges
bytes
Content-length
48639
att.js
sadlib.static-app.synacor.com/client/att/
54 KB
16 KB
Script
General
Full URL
https://sadlib.static-app.synacor.com/client/att/att.js
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.1
Server
69.168.102.75 Buffalo, United States, ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
09bb2f30e60d6bd89520a6a0581108447039c697f7864037d4d892a14bf200e2

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:21:10 GMT
Content-Encoding
gzip
Age
208
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection
keep-alive
Content-Length
15474
Access-Control-Allow-Origin
*
Last-Modified
Mon, 23 Apr 2018 17:13:45 GMT
Server
nginx
ETag
"d922-56a872906e440"
Vary
Accept-Encoding
X-Varnish
763077755 762737994
Via
1.1 varnish
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Mon, 07 May 2018 21:22:41 GMT
satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/
418 KB
77 KB
Script
General
Full URL
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/satelliteLib-bee1ce9b89e943a46b1dfd167adc564fe75eef37.js
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
SPDY
Server
104.109.72.38 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
07409fcceec3b3e64da1a1abc33bec344fb36fbcdf7e391fa0533df531818c82
Security Headers
Name Value
Strict-Transport-Security max-age=15811200;

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 07 May 2018 21:21:08 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 18:10:22 GMT
server
Apache
etag
"687c0-56b511deabf80"
vary
Accept-Encoding
content-type
application/javascript
status
200
uxtime
WvC3EZCgOd4AAaCHoP4AAAOF D=43286
cache-control
max-age=900
strict-transport-security
max-age=15811200;
accept-ranges
bytes
content-length
78392
expires
Mon, 07 May 2018 21:36:08 GMT
mobile.css
home.secureapp.att.net/css/sso/slid/1201/
4 KB
4 KB
Stylesheet
General
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/mobile.css
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:28 GMT
Last-modified
Wed, 21 Dec 2016 10:14:45 GMT
Server
""
Etag
"fa3-585a5615"
Content-type
text/css
Connection
keep-alive
Accept-ranges
bytes
Content-length
4003
webtrends.min.js
loginprodx.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/
22 KB
22 KB
Script
General
Full URL
https://loginprodx.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/webtrends.min.js
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.1
Server
144.160.147.53 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
loginprodxff.att.net
Software
/
Resource Hash
50de74141721246d0341cbeea72a1e69a3363af1659a4171ef5e3200c9f8eda6

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 07 May 2018 21:21:11 GMT
last-modified
Thu, 22 Feb 2018 01:33:50 GMT
content-type
application/x-javascript
content-length
22315
content-language
en-US
p3p
CP="NON CUR OTPi OUR NOR UNI"
footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/
560 B
788 B
Image
General
Full URL
https://home.secureapp.att.net/design/CDLS10/img/ui/footerBg.png
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:28 GMT
Last-modified
Fri, 17 Jul 2009 17:05:33 GMT
Server
""
Etag
"230-4a60af5d"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
560
pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/
169 B
396 B
Image
General
Full URL
https://home.secureapp.att.net/design/cdls10/img/ui/pageBg.png
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:28 GMT
Last-modified
Tue, 11 Aug 2009 21:10:32 GMT
Server
""
Etag
"a9-4a81de48"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
169
btnSumbit.png
home.secureapp.att.net/img/sso/slid/
1 KB
2 KB
Image
General
Full URL
https://home.secureapp.att.net/img/sso/slid/btnSumbit.png
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:28 GMT
Last-modified
Tue, 21 Sep 2010 15:06:50 GMT
Server
""
Etag
"573-4c98ca0a"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
1395
satellite-5902439064746d5a880062b0.js
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain
  • http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?5a5ef010
  • https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?5a5ef010
4 KB
1 KB
Script
General
Full URL
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?5a5ef010
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
SPDY
Server
104.109.72.38 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
864ff7035b5847ca82257fc69f4227c6cb3dee652878f7a9b89084bacf5dc5d0
Security Headers
Name Value
Strict-Transport-Security max-age=15811200;

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 07 May 2018 21:21:10 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 18:10:22 GMT
server
Apache
etag
"ec1-56b511deabf80"
vary
Accept-Encoding
content-type
application/javascript
status
200
uxtime
WvC3EAoVAVcAAHigpAYAAABQ D=28969
cache-control
max-age=5184000
strict-transport-security
max-age=15811200;
accept-ranges
bytes
content-length
877
expires
Fri, 06 Jul 2018 21:21:10 GMT

Redirect headers

Location
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5902439064746d5a880062b0.js?5a5ef010
Non-Authoritative-Reason
HSTS
txt-clear.png
home.secureapp.att.net/img/sso/slid/
3 KB
3 KB
Image
General
Full URL
https://home.secureapp.att.net/img/sso/slid/txt-clear.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:29 GMT
Last-modified
Tue, 29 Jul 2014 15:04:17 GMT
Server
""
Etag
"cda-53d7b7f1"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
3290
support-icon.jpg
home.secureapp.att.net/img/sso/slid/
2 KB
2 KB
Image
General
Full URL
https://home.secureapp.att.net/img/sso/slid/support-icon.jpg
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:29 GMT
Last-modified
Mon, 26 Jul 2010 21:26:50 GMT
Server
""
Etag
"615-4c4dfd9a"
Content-type
image/jpeg
Connection
keep-alive
Accept-ranges
bytes
Content-length
1557
att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/
16 KB
16 KB
Image
General
Full URL
https://home.secureapp.att.net/design/CDLS10/img/logos/att_globe_blue_80x80.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:28 GMT
Last-modified
Fri, 20 May 2016 12:43:47 GMT
Server
""
Etag
"40c4-573f0683"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
16580
attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/
149 B
376 B
Image
General
Full URL
https://home.secureapp.att.net/design/cdls20/img/ui/attGlobalNavHeader-bg.gif
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:28 GMT
Last-modified
Thu, 26 Apr 2012 21:04:53 GMT
Server
""
Etag
"95-4f99b875"
Content-type
image/gif
Connection
keep-alive
Accept-ranges
bytes
Content-length
149
ques.png
home.secureapp.att.net/img/sso/slid/
363 B
591 B
Image
General
Full URL
https://home.secureapp.att.net/img/sso/slid/ques.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/sso/slid/1201/script.js
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:28 GMT
Last-modified
Mon, 19 Jul 2010 03:35:58 GMT
Server
""
Etag
"16b-4c43c81e"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
363
gpt.js
www.googletagservices.com/tag/js/
13 KB
6 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/att/att.js
Protocol
HTTP/1.1
Server
172.217.17.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ams16s30-in-f66.1e100.net
Software
sffe /
Resource Hash
697806bc4f970b07972e7a9f0c3536d46aa630753fb25e766810dbd6dbb12130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:21:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"4 / 280 of 1000 / last-modified: 1525470303"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
5568
X-XSS-Protection
1; mode=block
Expires
Mon, 07 May 2018 21:21:10 GMT
integrator.js
adservice.google.nl/adsid/
111 B
662 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=jknhu.usa.cc
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.17.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ams16s30-in-f66.1e100.net
Software
cafe /
Resource Hash
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 May 2018 21:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
105
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
111 B
662 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jknhu.usa.cc
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.17.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ams16s30-in-f66.1e100.net
Software
cafe /
Resource Hash
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 May 2018 21:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
105
x-xss-protection
1; mode=block
pubads_impl_203.js
securepubads.g.doubleclick.net/gpt/
163 KB
58 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
56845977a56747959a170550b800acd5b5ec5db345d953c1f4b8d94feac234e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 07 May 2018 21:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 May 2018 15:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
58861
x-xss-protection
1; mode=block
expires
Mon, 07 May 2018 21:21:10 GMT
wtid.js
statse.webtrendslive.com/dcsdjtdi8wz5bdo7rtxv6ly3m_4s9j/
10 B
195 B
Script
General
Full URL
http://statse.webtrendslive.com/dcsdjtdi8wz5bdo7rtxv6ly3m_4s9j/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
Requested by
Host: loginprodx.att.net
URL: https://loginprodx.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/webtrends.min.js
Protocol
HTTP/1.1
Server
31.186.231.25 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS
statse.webtrendslive.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:21:11 GMT
Server
Microsoft-IIS/7.5
Connection
close
X-Powered-By
ASP.NET
Content-Length
10
Content-Type
application/x-javascript
s.gif
home.secureapp.att.net/i/
Redirect Chain
  • https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=6649
  • https://home.secureapp.att.net/i/s.gif?nocache=6649
43 B
269 B
Image
General
Full URL
https://home.secureapp.att.net/i/s.gif?nocache=6649
Protocol
HTTP/1.0
Server
216.77.188.90 , United States, ASN6389 (BELLSOUTH-NET-BLK - BellSouth.net Inc., US),
Reverse DNS
home.secureapp.att.net
Software
"" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:18:30 GMT
Last-modified
Thu, 25 Sep 2003 20:17:53 GMT
Server
""
Etag
"2b-3f734d71"
Content-type
image/gif
Connection
keep-alive
Accept-ranges
bytes
Content-length
43

Redirect headers

Location
https://home.secureapp.att.net/i/s.gif?nocache=6649
Date
Mon, 07 May 2018 21:18:30 GMT
Server
""
Connection
keep-alive
Content-length
0
satellite-5824e59764746d0663001815.js
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain
  • http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?df20bd64
  • https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?df20bd64
4 KB
2 KB
Script
General
Full URL
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?df20bd64
Protocol
SPDY
Server
104.109.72.38 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ac0a7523db651441699a1082d951ebd88dd49d29f785c15a63d65824e71f754
Security Headers
Name Value
Strict-Transport-Security max-age=15811200;

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 07 May 2018 21:21:11 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 18:10:22 GMT
server
Apache
etag
"f36-56b511deabf80"
vary
Accept-Encoding
content-type
application/javascript
status
200
uxtime
WvC3EAoVAVcAAHigo-MAAABQ D=25713
cache-control
max-age=5184000
strict-transport-security
max-age=15811200;
accept-ranges
bytes
content-length
1549
expires
Fri, 06 Jul 2018 21:21:11 GMT

Redirect headers

Location
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-5824e59764746d0663001815.js?df20bd64
Non-Authoritative-Reason
HSTS
satellite-583d593b64746d1bdc003fe1.js
www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/
Redirect Chain
  • http://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?1456be05
  • https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?1456be05
11 KB
3 KB
Script
General
Full URL
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?1456be05
Protocol
SPDY
Server
104.109.72.38 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d88dbdc5d0151ceba7292f7a484ddd0aa265e11dc2cca91978b7631d4372ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15811200;

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 07 May 2018 21:21:11 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 18:10:22 GMT
server
Apache
etag
"2b84-56b511deabf80"
vary
Accept-Encoding
content-type
application/javascript
status
200
uxtime
WvC3EAoVAZAAAAVsGK8AAAPD D=73062
cache-control
max-age=5184000
strict-transport-security
max-age=15811200;
accept-ranges
bytes
content-length
2373
expires
Fri, 06 Jul 2018 21:21:11 GMT

Redirect headers

Location
https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?1456be05
Non-Authoritative-Reason
HSTS
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
165 KB
61 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Protocol
HTTP/1.1
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
a5f609200852bd13460fd2e721c952e6910ed75cd192c4dd5436017689e0571c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 07 May 2018 20:34:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
2831
ETag
16202949419406574537
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
61782
X-XSS-Protection
1; mode=block
Expires
Mon, 07 May 2018 21:34:00 GMT
0
bat.bing.com/action/
Redirect Chain
  • http://bat.bing.com/action/0?ti=5423872&Ver=2
  • https://bat.bing.com/action/0?ti=5423872&Ver=2
0
195 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5423872&Ver=2
Protocol
SPDY
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 07 May 2018 21:21:11 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 88173550F46842EC951F181F1B489809 Ref B: FRAEDGE0909 Ref C: 2018-05-07T21:21:11Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://bat.bing.com/action/0?ti=5423872&Ver=2
Non-Authoritative-Reason
HSTS
/
www.google.nl/ads/user-lists/1070858700/
Redirect Chain
  • http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070858700/?value=0&guid=ON&script=0
  • http://www.google.com/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2316816137
  • http://www.google.nl/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2316816137&ipr=y&ulfeg=n
42 B
343 B
Image
General
Full URL
http://www.google.nl/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2316816137&ipr=y&ulfeg=n
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 May 2018 21:21:11 GMT
X-Content-Type-Options
nosniff
Server
adclick_server
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
42
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 07 May 2018 21:21:11 GMT
X-Content-Type-Options
nosniff
Server
adclick_server
Content-Type
text/html; charset=UTF-8
Location
http://www.google.nl/ads/user-lists/1070858700/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2316816137&ipr=y&ulfeg=n
Cache-Control
private, max-age=43200
Content-Length
345
X-XSS-Protection
1; mode=block
Expires
Mon, 07 May 2018 21:21:11 GMT
399466.gif
rc.rlcdn.com/
42 B
523 B
Image
General
Full URL
http://rc.rlcdn.com/399466.gif
Protocol
HTTP/1.1
Server
34.197.34.89 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-34-89.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:21:12 GMT
Cache-Control
no-cache, no-store
Content-Type
image/gif
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
42
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
inqChatLaunch10004119.js
att.inq.com/chatskins/launch/
36 KB
9 KB
Script
General
Full URL
https://att.inq.com/chatskins/launch/inqChatLaunch10004119.js
Requested by
Host: www.att.com
URL: https://www.att.com/scripts/satellite/prod/8bb7555f31d461fe2aef4e2d53a11a03e7f9a04c/scripts/satellite-583d593b64746d1bdc003fe1.js?1456be05
Protocol
HTTP/1.1
Server
206.17.25.188 , United States, ASN17231 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US),
Reverse DNS
Software
TouchCommerce Server /
Resource Hash
0d4a2bf40ff8652b0262925ca2a3fba97e8b857720400c7710c47bef18b2b0b3

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 07 May 2018 21:21:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 May 2018 14:18:48 GMT
Server
TouchCommerce Server
ETag
"4z2SHSmKYSZ"
Content-Type
application/javascript
Cache-Control
max-age=3600, private
Accept-Ranges
bytes
Content-Length
9076
Expires
Sun, 06 May 2018 14:45:19 GMT
ads
securepubads.g.doubleclick.net/gampad/
6 KB
4 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2796058840194065&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061277%2C21061149%2C21061764&vrg=203&guci=1.2.0.0.2.2&sc=0&sfv=1-0-23&iu_parts=5284%2Csyn.att%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1440x1024%7C1440x800%7C300x250%7C300x600%7C640x450&eri=4&cookie_enabled=1&bc=7&abxe=1&lmt=1525728071&dt=1525728071913&frm=20&biw=1585&bih=1200&oid=3&adxs=73&adys=112&adks=2565056540&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&loc=http%3A%2F%2Fjknhu.usa.cc%2Fat%26tadminfile%2FAT%26T%2Findex.php&dssz=21&icsg=2281701504&std=0&vis=1&scr_x=0&scr_y=0&psz=1440x-1&ga_vid=295588159.1525728072&ga_sid=1525728072&ga_hid=1470790442
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Protocol
SPDY
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
289a7e41cff4ab2b41a1974ff2e5fab22fdc56b7f9d60e5138e3a3c1d1f7d147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Origin
http://jknhu.usa.cc

Response headers

date
Mon, 07 May 2018 21:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
3365
x-xss-protection
1; mode=block
google-lineitem-id
4636644463
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138230569541
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://jknhu.usa.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_203.js
securepubads.g.doubleclick.net/gpt/
43 KB
16 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_203.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Protocol
SPDY
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
a9f7e804bc04fde0a1d57e54f53b9db40da92751fa660e843d9834720c1fd494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 07 May 2018 21:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 May 2018 15:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
16616
x-xss-protection
1; mode=block
expires
Mon, 07 May 2018 21:21:11 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Protocol
HTTP/1.1
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Expires
Tue, 30 Apr 2019 21:47:29 GMT
Cache-Control
public, immutable, max-age=31536000
Last-Modified
Tue, 10 Apr 2018 14:51:09 GMT
Content-Type
text/html
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180502/r20110914/activeview/ Frame 0321
70 KB
26 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180502/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Protocol
SPDY
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
cafe /
Resource Hash
2e6adc45495a3dce89cd1edec83715f36a9820996774ff14e0e900173811c851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 02 May 2018 21:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430292
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
25791
x-xss-protection
1; mode=block
server
cafe
etag
6494073687872998152
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 May 2018 21:49:40 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame 0321
388 KB
389 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDrgJSJ-AEQARgBMggZjcKAwyv4Wg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Protocol
SPDY
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
cafe /
Resource Hash
e158cc07eaace7542992b0b5a27b6bacb79680edd3554cc80641a75c2d933dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 04 May 2018 11:31:15 GMT
x-content-type-options
nosniff
server
cafe
age
294597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
397802
x-xss-protection
1; mode=block
expires
Fri, 11 May 2018 11:31:15 GMT
osd.js
pagead2.googlesyndication.com/pagead/
67 KB
25 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_203.js
Protocol
HTTP/1.1
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
0b8f0144dab06f6ddd139221924d86370aacbbde30b136f556f6a8c45cf7a423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 07 May 2018 20:48:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
1938
ETag
12221944481654968339
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
25193
X-XSS-Protection
1; mode=block
Expires
Mon, 07 May 2018 21:48:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0321
0
83 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrkShCbJbxhIETaoZajNkDMEfJZc-Zdgl8JMRIZoQkM5-DTj2BFiIFWyKqO23zUy_92s26mC4Y-lo3iyl8RUjBWpzGffZbem79yJbOTMxTWveZ0bSMGSI0MLRiHKB-IlEYlaaykpDlT8GuJnVw_6zp3sxBjPSWECYLzlJj_f9jj5xrg_0UOqj1iUUfKU-P5H2-yvEwFxXbG4hyyFj8-i5ne3MhgUL6htNPaYTX7F3t9q3t-A0gDQ&sai=AMfl-YRvUpwE59JvbyTj40M7ngQ2Oq1SsJsQoDCHnB1-QsXsWIsLfSUPf442p1XIvT59WhR3r7yXfCb8b5NgrWu781kSJPCj8HxSaFRLKJEZOQvjSpwRfPotHTegoMfZ&sig=Cg0ArKJSzJq1AP16tkUaEAE&urlfix=1&adurl=
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
SPDY
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

cache-control
private
content-type
text/html; charset=UTF-8
truncated
/ Frame 0321
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b45c0c6b010a5248ddd38d7655ce7ca9660e4bf8dad3111c35bddac858a2342

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
rum.js
tpc.googlesyndication.com/pagead/js/r20180502/r20110914/ Frame 0321
40 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180502/r20110914/rum.js
Requested by
Host: jknhu.usa.cc
URL: http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Protocol
SPDY
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
cafe /
Resource Hash
5f3a574107d3802b7aeb502c12bbb29609280718d8223db7e1d44013188d07be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 02 May 2018 21:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429886
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
15354
x-xss-protection
1; mode=block
server
cafe
etag
5529136530536903089
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 May 2018 21:56:26 GMT
csi
csi.gstatic.com/ Frame 0321
0
277 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~jgwr3mwr&chm=1&ctx=2&qqid=CLrTgf7D9NoCFYOJdwodyGoE4Q&met.4=fb.2g~lb.4l~ol.5k~dt.6&met.3=123.4e_5~121.4l~118.4n~117.5k~118.5n_1~113.60_3~112.5z_4&met.1=1.jgwr3mqr~14.f~15.f~16.f~17.f~18.f~19.f~20.f~21.f~22.3h~23.3h&met.7=CAcQChgBIFgoWDCOATg2QFtIXlBeWGxgY2hwcHd4j80BgAG_yQGIAZ6sBLABAbgBAw~CAQQBhgBIFkoWTCeAThFaHBwf3i5phiAAeqjGIgB6qMYsAEBuAED~CCIQBhgBIGcoZzCPATgn~CBgQChgBIMwBKMwBMNMBOAZozQFw0gF46HiAAfp3iAGvwQKwAQG4AQM&met.2=15.4~16.9fe8
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20180502/r20110914/rum.js
Protocol
SPDY
Server
172.217.20.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ams15s33-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control
max-age=0
Origin
http://jknhu.usa.cc
Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 May 2018 21:21:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
resolvePage
att.inq.com/tagserver/launch/
33 B
493 B
Script
General
Full URL
https://att.inq.com/tagserver/launch/resolvePage?siteID=10004119&url=http%3A%2F%2Fjknhu.usa.cc%2Fat%26tadminfile%2FAT%26T%2Findex.php&codeVersion=1525355948173
Requested by
Host: att.inq.com
URL: https://att.inq.com/chatskins/launch/inqChatLaunch10004119.js
Protocol
HTTP/1.1
Server
206.17.25.188 , United States, ASN17231 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US),
Reverse DNS
Software
TouchCommerce Server /
Resource Hash
5c2bb4799afe71e3806de817e1e14868d170da40d3bf8df3f59e550fb23a57c1

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 May 2018 21:21:13 GMT
Server
TouchCommerce Server
Content-Language
en-US
P3P
policyref="http://att.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Cache-Control
no-cache, no-store, max-age=0
Content-Type
text/javascript; charset=UTF-8
Content-Length
33
Expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0321
42 B
605 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBt4wLN3u8pHD0cGtXprlTXooXbV5MK-0QlHgiv18V90OwV8qT0BANpETKJhxYwUD9d2Yq_Op_ROak162Oeqcot6_WihNJpgA&sig=Cg0ArKJSzBIONyJ5sKd6EAE&id=osdim&ti=1&adk=2565056540&tt=1036&bs=1585,1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&p=112,73,1136,1513&mcvt=1015&rs=3&ht=0&tfs=22&tls=1037&mc=1&lte=1&bas=0&bac=0&la=1&avms=geo&bos=1600,1200&ps=1585,1208&ss=1600,1200&pt=1&deb=1-1-1-3-12-15-19-10&tvt=1022&op=1&r=v&uc=19&tgt=DIV&cl=1&cec=6&clc=1&cac=0&cd=1440x1028&v=r20180502
Protocol
SPDY
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 May 2018 21:21:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
inqChat.html
jknhu.usa.cc/ Frame 980F
329 B
529 B
Document
General
Full URL
http://jknhu.usa.cc/inqChat.html?IFRAME
Requested by
Host: att.inq.com
URL: https://att.inq.com/chatskins/launch/inqChatLaunch10004119.js
Protocol
HTTP/1.1
Server
217.61.6.49 Frankfurt, Germany, ASN200185 (XANDMAIL-ASN, DE),
Reverse DNS
host49-6-61-217.static.arubacloud.de
Software
Apache /
Resource Hash
a7f514f563121f1ad030cbf396a7fa69b88ac95180ece02b4b76c50f6ecef8fa

Request headers

Host
jknhu.usa.cc
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://jknhu.usa.cc/at&tadminfile/AT&T/index.php
Accept-Encoding
gzip, deflate
Cookie
IV_JCT=%2FcommonLogin; __gads=ID=bd79812708ffc4a6:T=1525728071:S=ALNI_MZIipTnzjvaF54cNW75HiWMDCU5fg
X-DevTools-Emulate-Network-Conditions-Client-Id
FB2E20221CFCFCF787AEF0B346CB7515

Response headers

Date
Mon, 07 May 2018 21:21:12 GMT
Server
Apache
Content-Length
329
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| antiClickjack undefined| noFrameBusting function| $ function| jQuery string| agent string| ORIGINATION_POINT_URL string| RETURN_URL string| CANCEL_URL function| getWindowWidth function| getWindowHeight function| setRegURL function| logPgvw function| refer function| submitForm function| trimAll function| chkTick function| unchkTick function| getElementsByClassName function| btnChange function| acctSelBtnEnable function| ie6Img function| getYadContents function| init undefined| countdownElement function| overlay function| cancelLoad function| Redirecturl string| focusableElementsString function| trapTabKey function| supportRedirect object| _satellite function| webtrendsAsyncInit string| q1Zidx string| q2Zidx string| funnelDomainCheck string| funnelPathCheck object| funnelCondition number| fpc string| evtAction string| evtCode string| successFlag string| statusMessage string| errorType string| linkName string| linkPosition string| linkDestinationUrl string| chatInviteType string| chatSessionId string| chatBusinessUnit string| chatAgentGroup object| chatLaunchedListener object| chatEngagedListener object| c2cStateChanged object| InqRegistry object| Sadlib_Config object| TN8 object| SW_Config object| rubicontag object| googletag object| sadlib object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming undefined| google_measure_js_timing function| dcsMultiTrack object| Webtrends object| WebTrends object| WT function| dcsDebug string| key object| s object| s2 boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_show_companion_ad function| google_show_companion_ad_in_slot function| google_get_companion_slot_params function| google_companion_error function| 
google_companion_loaded function| google_increment_num_ad_mouseovers string| google_ad_output string| google_ad_client string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country string| tcPageParms string| tcOrderNumber string| tcFAN string| tcRegionID string| tcChatEnabled string| tcCustomerRegion string| tcTroubleshooting_Transcript string| tcWirelessNumber string| tcSkill string| tcUnit string| tcRegionId string| tcChatEligibility string| tcFirstName string| tcLastName string| tcATTUID string| tcauthState string| tcBAN string| tcCustomerCity string| tcCustomerState string| tcCustomerZip string| tcLanguage string| tcMigTgt string| tcFccTrial string| tcPortingNoInd string| tcProductsInCart string| tcPromotions string| tcProductSelection string| tcProductDeSelection string| tcCartTotalRMR string| tcCartTotal string| tcWhpElig string| tcVisitorType string| tcContractTermSelected string| tcDeviceType string| tcPageName string| tcSessionParms object| inqCustData object| tc_div object| touchcommerce number| google_unique_id object| closure_memoize_cache_ object| gaGlobal object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb undefined| host undefined| url undefined| params undefined| src object| v3LanderConfig object| v3Lander

1 Cookies

Domain/Path Name / Value
jknhu.usa.cc/ Name: IV_JCT
Value: %2FcommonLogin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
